  1. #1


    Join Date : Mar 2008
    Morocco
    Posts : 522
    Windows 8.1 64bit (6,3 Build 9600)

    My computer is infected with a virus that hides folders


    Hello,
    Today I plugged a friend's flash stick into my laptop and accidentally clicked a shortcut folder while I was trying to delete it manually. Right after that, whenever I plug in my flash stick, two folders with my username and new folder and another one named 'bizo' are created automatically.
    I'm using Avast Internet Security + Malwarebytes Anti-Malware.
    Thanks in advance.

  2. #2

    If you can, do all our scans and post the results: PCHF System Scans

  3. #3


    Join Date : Mar 2008
    Morocco
    Posts : 522
    Windows 8.1 64bit (6,3 Build 9600)

    # AdwCleaner v4.208 - Logfile created 23/07/2015 at 15:33:11
    # Updated 09/07/2015 by Xplode
    # Database : 2015-07-15.1 [Server]
    # Operating system : Windows 8.1 (x64)
    # Username : NoureddinE - LAPTOP-NOURINE
    # Running from : C:\Users\NoureddinE\Desktop\adwcleaner_4.208.exe
    # Option : Cleaning


    ***** [ Services ] *****




    ***** [ Files / Folders ] *****


    File Deleted : C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
    File Deleted : C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal


    ***** [ Scheduled tasks ] *****




    ***** [ Shortcuts ] *****




    ***** [ Registry ] *****


    Key Deleted : HKCU\Software\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh


    ***** [ Web browsers ] *****


    -\\ Internet Explorer v11.0.9600.17840




    -\\ Google Chrome v43.0.2357.134


    [C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
    [C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}


    *************************


    AdwCleaner[R0].txt - [1250 bytes] - [23/07/2015 01:44:17]
    AdwCleaner[R1].txt - [1248 bytes] - [23/07/2015 05:45:12]
    AdwCleaner[R2].txt - [1064 bytes] - [23/07/2015 05:54:01]
    AdwCleaner[R3].txt - [1693 bytes] - [23/07/2015 15:30:35]
    AdwCleaner[S0].txt - [1323 bytes] - [23/07/2015 01:45:22]
    AdwCleaner[S1].txt - [1318 bytes] - [23/07/2015 05:46:33]
    AdwCleaner[S2].txt - [1628 bytes] - [23/07/2015 15:33:11]


    ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1687 bytes] ##########

  4. #4


    Join Date : Mar 2008
    Morocco
    Posts : 522
    Windows 8.1 64bit (6,3 Build 9600)

    MiniToolBox by Farbar Version: 01-07-2015
    Ran by NoureddinE (administrator) on 23-07-2015 at 15:41:24
    Running from "C:\Users\NoureddinE\Desktop"
    Microsoft Windows 8.1 (X64)
    Model: SVE1512A4E Manufacturer: Sony Corporation
    Boot Mode: Normal
    ***************************************************************************


    ========================= Flush DNS: ===================================


    Windows IP Configuration


    Successfully flushed the DNS Resolver Cache.


    ========================= IE Proxy Settings: ==============================


    Proxy is not enabled.
    No Proxy Server is set.


    "Reset IE Proxy Settings": IE Proxy Settings were reset.
    ========================= Hosts content: =================================








    127.0.0.1 localhost


    ========================= IP Configuration: ================================


    Qualcomm Atheros AR9485WB-EG Wireless Network Adapter = Wi-Fi (Connected)
    Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)




    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4


    reset
    set global icmpredirects=enabled
    set interface interface="Ethernet" forwarding=disabled advertise=disabled metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled ecncapability=ecndisabled
    set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled




    popd
    # End of IPv4 configuration






    Windows IP Configuration


    Host Name . . . . . . . . . . . . : LAPTOP-NOURINE
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : Home


    Wireless LAN adapter Local Area Connection* 12:


    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
    Physical Address. . . . . . . . . : 1A-3E-8E-DD-56-AB
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes


    Wireless LAN adapter Wi-Fi:


    Connection-specific DNS Suffix . : Home
    Description . . . . . . . . . . . : Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
    Physical Address. . . . . . . . . : 08-3E-8E-DD-56-AB
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : fd0b:d9d8:9e3d:0:85a3:feb1:7a8e:fadf(Preferred)
    Temporary IPv6 Address. . . . . . : fd0b:d9d8:9e3d:0:71ef:9613:812d:3a6(Preferred)
    Link-local IPv6 Address . . . . . : fe80::85a3:feb1:7a8e:fadf%4(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Thursday, July 23, 2015 3:34:27 PM
    Lease Expires . . . . . . . . . . : Friday, July 24, 2015 3:34:29 PM
    Default Gateway . . . . . . . . . : fe80::a6b1:e9ff:fee5:e7e5%4
    192.168.1.1
    DHCP Server . . . . . . . . . . . : 192.168.1.1
    DHCPv6 IAID . . . . . . . . . . . : 319307406
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-61-9B-2E-30-F9-ED-C8-DE-C3
    DNS Servers . . . . . . . . . . . : 192.168.1.1
    NetBIOS over Tcpip. . . . . . . . : Enabled


    Ethernet adapter Ethernet:


    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : localdomain
    Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
    Physical Address. . . . . . . . . : 30-F9-ED-C8-DE-C3
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes


    Tunnel adapter isatap.Home:


    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : Home
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes


    Tunnel adapter Local Area Connection* 13:


    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1402:3754:3f57:fef5(Preferred)
    Link-local IPv6 Address . . . . . : fe80::1402:3754:3f57:fef5%5(Preferred)
    Default Gateway . . . . . . . . . :
    DHCPv6 IAID . . . . . . . . . . . : 134217728
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-61-9B-2E-30-F9-ED-C8-DE-C3
    NetBIOS over Tcpip. . . . . . . . : Disabled
    Server: monrouteur.Home
    Address: 192.168.1.1


    Name: google.com
    Address: 216.58.210.46




    Pinging google.com [216.58.210.46] with 32 bytes of data:
    Reply from 216.58.210.46: bytes=32 time=86ms TTL=50
    Reply from 216.58.210.46: bytes=32 time=86ms TTL=50


    Ping statistics for 216.58.210.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 86ms, Maximum = 86ms, Average = 86ms
    Server: monrouteur.Home
    Address: 192.168.1.1


    Name: yahoo.com
    Addresses: 206.190.36.45
    98.138.253.109
    98.139.183.24




    Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
    Reply from 98.139.183.24: bytes=32 time=169ms TTL=43
    Reply from 98.139.183.24: bytes=32 time=169ms TTL=43


    Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 169ms, Maximum = 169ms, Average = 169ms


    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128


    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    6...1a 3e 8e dd 56 ab ......Microsoft Wi-Fi Direct Virtual Adapter
    4...08 3e 8e dd 56 ab ......Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
    3...30 f9 ed c8 de c3 ......Realtek PCIe GBE Family Controller
    1...........................Software Loopback Interface 1
    16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
    5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    ===========================================================================


    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.10 25
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    192.168.1.0 255.255.255.0 On-link 192.168.1.10 281
    192.168.1.10 255.255.255.255 On-link 192.168.1.10 281
    192.168.1.255 255.255.255.255 On-link 192.168.1.10 281
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 192.168.1.10 281
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 192.168.1.10 281
    ===========================================================================
    Persistent Routes:
    None


    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    4 281 ::/0 fe80::a6b1:e9ff:fee5:e7e5
    1 306 ::1/128 On-link
    5 306 2001::/32 On-link
    5 306 2001:0:5ef5:79fd:1402:3754:3f57:fef5/128
    On-link
    4 281 fd0b:d9d8:9e3d::/64 On-link
    4 281 fd0b:d9d8:9e3d:0:71ef:9613:812d:3a6/128
    On-link
    4 281 fd0b:d9d8:9e3d:0:85a3:feb1:7a8e:fadf/128
    On-link
    4 281 fe80::/64 On-link
    5 306 fe80::/64 On-link
    5 306 fe80::1402:3754:3f57:fef5/128
    On-link
    4 281 fe80::85a3:feb1:7a8e:fadf/128
    On-link
    1 306 ff00::/8 On-link
    4 281 ff00::/8 On-link
    5 306 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None
    ========================= Winsock entries =====================================


    Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
    Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
    Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
    Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
    Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
    Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
    Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)


    ========================= Event log errors: ===============================


    Application errors:
    ==================
    Error: (07/23/2015 03:40:30 PM) (Source: Perflib) (User: )
    Description: usbhubC:\WINDOWS\system32\usbperf.dll8


    Error: (07/23/2015 03:40:30 PM) (Source: usbperf) (User: )
    Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.


    Error: (07/23/2015 03:40:29 PM) (Source: Perflib) (User: )
    Description: RemoteAccessC:\Windows\System32\rasctrs.dll8


    Error: (07/23/2015 03:40:29 PM) (Source: Perflib) (User: )
    Description: rdyboostC:\WINDOWS\system32\sysmain.dll8


    Error: (07/23/2015 03:40:29 PM) (Source: Perflib) (User: )
    Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8


    Error: (07/23/2015 03:40:28 PM) (Source: Perflib) (User: )
    Description: ESENTC:\WINDOWS\system32\esentprf.dll8


    Error: (07/23/2015 03:40:27 PM) (Source: Perflib) (User: )
    Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8


    Error: (07/23/2015 03:37:51 PM) (Source: Windows Search Service) (User: )
    Description: Could not get performance counter registry info for WSearchIdxPi for instance due to the following error: The operation completed successfully. 0x0.


    Error: (07/23/2015 03:37:51 PM) (Source: Windows Search Service) (User: )
    Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.


    Context: Application, SystemIndex Catalog


    Error: (07/23/2015 03:37:51 PM) (Source: Windows Search Service) (User: )
    Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.




    System errors:
    =============
    Error: (07/23/2015 03:37:56 PM) (Source: DCOM) (User: LAPTOP-NOURINE)
    Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


    Error: (07/23/2015 03:37:48 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Defender Service service failed to start due to the following error:
    %%577


    Error: (07/23/2015 03:34:45 PM) (Source: NETLOGON) (User: )
    Description: This computer is configured as a member of a workgroup, not as
    a member of a domain. The Netlogon service does not need to run in this
    configuration.


    Error: (07/23/2015 03:33:39 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Search service failed to start due to the following error:
    %%3


    Error: (07/23/2015 03:33:09 PM) (Source: Service Control Manager) (User: )
    Description: The VCService service terminated unexpectedly. It has done this 1 time(s).


    Error: (07/23/2015 03:33:09 PM) (Source: Service Control Manager) (User: )
    Description: The Intel(R) System Behavior Tracker Collector Service service terminated unexpectedly. It has done this 1 time(s).


    Error: (07/23/2015 03:33:09 PM) (Source: Service Control Manager) (User: )
    Description: The Energy Server Service service terminated unexpectedly. It has done this 1 time(s).


    Error: (07/23/2015 03:33:09 PM) (Source: Service Control Manager) (User: )
    Description: The NetworkSupport service terminated unexpectedly. It has done this 1 time(s).


    Error: (07/23/2015 03:33:09 PM) (Source: Service Control Manager) (User: )
    Description: The VUAgent service terminated unexpectedly. It has done this 1 time(s).


    Error: (07/23/2015 03:33:09 PM) (Source: Service Control Manager) (User: )
    Description: The ZAtheros Bt and Wlan Coex Agent service terminated unexpectedly. It has done this 1 time(s).




    Microsoft Office Sessions:
    =========================
    Error: (07/23/2015 03:40:30 PM) (Source: Perflib)(User: )
    Description: usbhubC:\WINDOWS\system32\usbperf.dll8


    Error: (07/23/2015 03:40:30 PM) (Source: usbperf)(User: )
    Description:


    Error: (07/23/2015 03:40:29 PM) (Source: Perflib)(User: )
    Description: RemoteAccessC:\Windows\System32\rasctrs.dll8


    Error: (07/23/2015 03:40:29 PM) (Source: Perflib)(User: )
    Description: rdyboostC:\WINDOWS\system32\sysmain.dll8


    Error: (07/23/2015 03:40:29 PM) (Source: Perflib)(User: )
    Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8


    Error: (07/23/2015 03:40:28 PM) (Source: Perflib)(User: )
    Description: ESENTC:\WINDOWS\system32\esentprf.dll8


    Error: (07/23/2015 03:40:27 PM) (Source: Perflib)(User: )
    Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8


    Error: (07/23/2015 03:37:51 PM) (Source: Windows Search Service)(User: )
    Description: WSearchIdxPiThe operation completed successfully. 0x0


    Error: (07/23/2015 03:37:51 PM) (Source: Windows Search Service)(User: )
    Description: Context: Application, SystemIndex Catalog


    Error: (07/23/2015 03:37:51 PM) (Source: Windows Search Service)(User: )
    Description:




    CodeIntegrity Errors:
    ===================================
    Date: 2015-07-23 15:37:48.941
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-23 05:51:04.648
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-23 02:21:08.208
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-23 01:48:59.398
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-23 01:14:46.005
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-17 01:58:02.396
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-15 15:09:28.179
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-14 11:44:15.146
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-13 16:40:31.365
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-09 00:05:05.781
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.




    =========================== Installed Programs ============================


    Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{77588F59-3C58-4675-8EEE-998E5BC33CF4}) (Version: 1.4 - Eyeo GmbH)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
    Adobe Reader 64-bit fixes (HKLM\...\{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1) (Version: - Leo Davidson / Pretentious Name)
    Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
    Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
    Ayat (HKLM-x32\...\{41E2E6F7-F831-A443-D7D8-3B164D6B936F}) (Version: 1.4 - UNKNOWN) Hidden
    Ayat (HKLM-x32\...\sa.edu.ksa.ayat) (Version: 1.4 - UNKNOWN)
    Canon LBP6020 (HKLM\...\Canon LBP6020) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
    FDUx86 (HKLM-x32\...\{3490653F-2789-46A1-B1BF-6BD4CF4131AB}) (Version: 1.0.0 - Sony Corporation) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
    Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.1 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
    KUx86 (HKLM-x32\...\{857087BB-A988-4462-A5C6-CF6739143B56}) (Version: 1.0.0 - Sony Corporation) Hidden
    Le Robert Collège (HKLM-x32\...\CLGCD2011) (Version: - Le Robert)
    Ma-Config.com (64 bits) (HKLM\...\{5DF0C7C4-08DF-4B93-94CA-8E351848BE70}) (Version: 7.1.3.1 - Cybelsoft)
    Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Office Proofing Tools 2013 - اللغة العربية (HKLM\...\{90150000-001F-0401-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Networkx64 (HKLM\...\{AD1A77F2-5E5F-4A1C-A5C5-74CE7CEC5EC6}) (Version: 1.0.0 - Sony Corporation) Hidden
    Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Oxford Advanced Learner's Dictionary - 8th Edition (HKLM-x32\...\NSIS_oald8) (Version: - )
    Oxford Business English Dictionary (HKLM-x32\...\Oxford Business English Dictionary) (Version: - )
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
    QUICKfind server v1.1 (HKLM-x32\...\QUICKfind) (Version: - IDM)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.28150 - Realtek Semiconductor Corp.)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C5D14A1B-6E3E-491A-96C6-ABDEEEC4E97D}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1931508C-C004-4983-81E3-70BE6252904B}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E4F470B2-3601-4E1C-B291-D6B580F53136}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0115-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0117-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
    SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
    SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
    Store App Support Utility (HKLM\...\{B93C07D4-49FF-440D-8A6A-054A42AEA960}) (Version: 1.0.0.02240 - Sony Corporation)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
    USB Disk Security (HKLM-x32\...\USB Disk Security_is1) (Version: - Zbshareware Lab)
    VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
    VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11220 - Sony Corporation)
    VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
    VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
    VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
    VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 8.2.0.14170 - Sony Corporation) Hidden
    VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
    VCCx64 (HKLM\...\{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}) (Version: 1.0.0 - Sony Corporation) Hidden
    VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden
    VCCx86 (HKLM-x32\...\{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}) (Version: 1.0.0 - Sony Corporation) Hidden
    VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden
    VHD (HKLM-x32\...\{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}) (Version: 1.0.0 - Sony Corporation) Hidden
    VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden
    VU5x64 (HKLM\...\{6B7DE186-374B-4873-AEC1-7464DA337DD6}) (Version: 1.1.0 - Sony Corporation ) Hidden
    VU5x86 (HKLM-x32\...\{9D12A8B5-9D41-4465-BF11-70719EB0CD02}) (Version: 1.1.0 - Sony Corporation ) Hidden
    Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (07/15/2013 10.0.0.260) (HKLM\...\FF9ECD00DD25FDB7D3208607214790302878ACBE) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.)
    Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (07/24/2012 10.0.0.75) (HKLM\...\27EC41F0F7F197FCADC768C7958D18E796255914) (Version: 07/24/2012 10.0.0.75 - Qualcomm Atheros Communications Inc.)
    Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (08/07/2013 10.0.0.263) (HKLM\...\3474A1290735048672AEA82C2CD0D7B80668F793) (Version: 08/07/2013 10.0.0.263 - Qualcomm Atheros Communications Inc.)
    Windows Driver Package - Qualcomm Atheros Communications Inc. Net (07/24/2012 10.0.0.75) (HKLM\...\1638C07DF0363E944FCF88A4B3666EFBAE0E33AD) (Version: 07/24/2012 10.0.0.75 - Qualcomm Atheros Communications Inc.)
    Windows Driver Package - Sony Corporation (SFEP) HIDClass (06/18/2012 8.0.2.4) (HKLM\...\54DCDF5F20965812FBF3C1C44CE2E9E620585DE9) (Version: 06/18/2012 8.0.2.4 - Sony Corporation)
    Windows Driver Package - Sony Croporation (SOWS) HIDClass (06/11/2012 1.0.0.06110) (HKLM\...\5478D63468C46333F277779BC2B1EBAEA89C153D) (Version: 06/11/2012 1.0.0.06110 - Sony Croporation)
    WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)


    ========================= Devices: ================================




    **** End of log ****

  5. #5


    Join Date : Mar 2008
    Morocco
    Posts : 522
    Windows 8.1 64bit (6,3 Build 9600)

    Windows IP Configuration


    Host Name . . . . . . . . . . . . : LAPTOP-NOURINE
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : Home


    Wireless LAN adapter Local Area Connection* 12:


    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
    Physical Address. . . . . . . . . : 1A-3E-8E-DD-56-AB
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes


    Wireless LAN adapter Wi-Fi:


    Connection-specific DNS Suffix . : Home
    Description . . . . . . . . . . . : Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
    Physical Address. . . . . . . . . : 08-3E-8E-DD-56-AB
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : fd0b:d9d8:9e3d:0:85a3:feb1:7a8e:fadf(Preferred)
    Temporary IPv6 Address. . . . . . : fd0b:d9d8:9e3d:0:71ef:9613:812d:3a6(Preferred)
    Link-local IPv6 Address . . . . . : fe80::85a3:feb1:7a8e:fadf%4(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Thursday, July 23, 2015 3:34:27 PM
    Lease Expires . . . . . . . . . . : Friday, July 24, 2015 3:34:28 PM
    Default Gateway . . . . . . . . . : fe80::a6b1:e9ff:fee5:e7e5%4
    192.168.1.1
    DHCP Server . . . . . . . . . . . : 192.168.1.1
    DHCPv6 IAID . . . . . . . . . . . : 319307406
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-61-9B-2E-30-F9-ED-C8-DE-C3
    DNS Servers . . . . . . . . . . . : 192.168.1.1
    NetBIOS over Tcpip. . . . . . . . : Enabled


    Ethernet adapter Ethernet:


    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : localdomain
    Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
    Physical Address. . . . . . . . . : 30-F9-ED-C8-DE-C3
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes


    Tunnel adapter isatap.Home:


    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : Home
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes


    Tunnel adapter Local Area Connection* 13:


    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1402:3754:3f57:fef5(Preferred)
    Link-local IPv6 Address . . . . . : fe80::1402:3754:3f57:fef5%5(Preferred)
    Default Gateway . . . . . . . . . :
    DHCPv6 IAID . . . . . . . . . . . : 134217728
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-61-9B-2E-30-F9-ED-C8-DE-C3
    NetBIOS over Tcpip. . . . . . . . : Disabled

    Interface name : Wi-Fi
    There are 2 networks currently visible.


    SSID 1 : esias
    Network type : Infrastructure
    Authentication : WPA2-Personal
    Encryption : CCMP
    BSSID 1 : a6:e3:b8:2e:8b:22
    Signal : 66%
    Radio type : 802.11n
    Channel : 1
    Basic rates (Mbps) : 1 2 5.5 11
    Other rates (Mbps) : 6 9 12 18 24 36 48 54


    SSID 2 : TNCAP15DEC5
    Network type : Infrastructure
    Authentication : WPA2-Personal
    Encryption : CCMP
    BSSID 1 : 30:91:8f:15:de:c5
    Signal : 30%
    Radio type : 802.11n
    Channel : 6
    Basic rates (Mbps) : 1 2 5.5 11
    Other rates (Mbps) : 6 9 12 18 24 36 48 54




    Profiles on interface Wi-Fi:


    Group policy profiles (read only)
    ---------------------------------
    <None>


    User profiles
    -------------
    All User Profile : esias
    All User Profile : N@URINE




    Pinging 194.119.131.66 with 32 bytes of data:
    Reply from 194.119.131.66: bytes=32 time=86ms TTL=49
    Reply from 194.119.131.66: bytes=32 time=87ms TTL=49
    Reply from 194.119.131.66: bytes=32 time=101ms TTL=49
    Reply from 194.119.131.66: bytes=32 time=85ms TTL=49


    Ping statistics for 194.119.131.66:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 85ms, Maximum = 101ms, Average = 89ms


    Pinging plus.net [212.159.9.2] with 32 bytes of data:
    Request timed out.
    Reply from 212.159.9.2: bytes=32 time=102ms TTL=237
    Reply from 212.159.9.2: bytes=32 time=112ms TTL=237
    Reply from 212.159.9.2: bytes=32 time=97ms TTL=237


    Ping statistics for 212.159.9.2:
    Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 97ms, Maximum = 112ms, Average = 103ms


    Tracing route to cns1.uk.vianw.net [194.119.131.66]
    over a maximum of 30 hops:


    1 2 ms 1 ms 2 ms monrouteur.Home [192.168.1.1]
    2 * * * Request timed out.
    3 42 ms 41 ms 40 ms adsl-146-65-192-81.adsl2.iam.net.ma [81.192.65.146]
    4 39 ms 38 ms 38 ms adsl-153-65-192-81.adsl2.iam.net.ma [81.192.65.153]
    5 42 ms 38 ms 46 ms adsl-85-25-192-81.adsl.iam.net.ma [81.192.25.85]
    6 67 ms 67 ms 67 ms te0-7-0-1.ccr21.mrs01.atlas.cogentco.com [149.6.154.109]
    7 78 ms 77 ms 77 ms be2236.ccr41.par01.atlas.cogentco.com [130.117.1.157]
    8 81 ms 79 ms 81 ms be2308.ccr21.par04.atlas.cogentco.com [154.54.73.230]
    9 77 ms 78 ms 77 ms level3.par04.atlas.cogentco.com [130.117.14.94]
    10 84 ms 84 ms 84 ms ae-127-3513.edge6.London1.Level3.net [4.69.166.65]
    11 85 ms 112 ms 195 ms ae-127-3513.edge6.London1.Level3.net [4.69.166.65]
    12 191 ms 189 ms 179 ms CLARANET.edge6.London1.Level3.net [212.113.9.106]
    13 85 ms 101 ms 95 ms ten8-3-t6-ar12.router.uk.clara.net [195.8.90.125]
    14 83 ms 86 ms 84 ms cns1.uk.vianw.net [194.119.131.66]


    Trace complete.
    These Windows services are started:


    Adobe Acrobat Update Service
    Application Information
    AtherosSvc
    Avast Antivirus
    Avast Firewall
    Background Intelligent Transfer Service
    Background Tasks Infrastructure Service
    Base Filtering Engine
    COM+ Event System
    Computer Browser
    Credential Manager
    Cryptographic Services
    DCOM Server Process Launcher
    Device Association Service
    DHCP Client
    Diagnostic Policy Service
    Diagnostic Service Host
    Diagnostic System Host
    Diagnostics Tracking Service
    Distributed Link Tracking Client
    DNS Client
    Energy Server Service
    File History Service
    Group Policy Client
    Intel(R) System Behavior Tracker Collector Service
    IP Helper
    Local Session Manager
    MBAMScheduler
    MBAMService
    Microsoft Account Sign-in Assistant
    Multimedia Class Scheduler
    Network Connection Broker
    Network List Service
    Network Location Awareness
    Network Store Interface Service
    Plug and Play
    Power
    Print Spooler
    Program Compatibility Assistant Service
    Remote Desktop Services
    Remote Procedure Call (RPC)
    RPC Endpoint Mapper
    Security Accounts Manager
    Security Center
    Server
    Shell Hardware Detection
    SSDP Discovery
    Superfetch
    System Event Notification Service
    System Events Broker
    Task Scheduler
    TCP/IP NetBIOS Helper
    Themes
    Time Broker
    User Profile Service
    VAIO Event Service
    VCService
    Virtual Disk
    VUAgent
    Windows Audio
    Windows Audio Endpoint Builder
    Windows Connection Manager
    Windows Error Reporting Service
    Windows Event Log
    Windows Firewall
    Windows Font Cache Service
    Windows Image Acquisition (WIA)
    Windows Management Instrumentation
    Windows Media Player Network Sharing Service
    Windows Search
    Windows Update
    WinHTTP Web Proxy Auto-Discovery Service
    WLAN AutoConfig
    Workstation
    ZAtheros Bt and Wlan Coex Agent


    The command completed successfully.




    Microsoft Windows [Version 6.3.9600]


    Image Name PID Session Name Session# Mem Usage
    ========================= ======== ================ =========== ============
    System Idle Process 0 Services 0 4 K
    System 4 Services 0 2,176 K
    smss.exe 360 Services 0 840 K
    csrss.exe 496 Services 0 4,200 K
    wininit.exe 560 Services 0 3,760 K
    csrss.exe 568 Console 1 14,720 K
    winlogon.exe 604 Console 1 6,268 K
    services.exe 676 Services 0 6,852 K
    lsass.exe 684 Services 0 12,204 K
    svchost.exe 744 Services 0 12,940 K
    svchost.exe 792 Services 0 8,704 K
    dwm.exe 880 Console 1 31,720 K
    svchost.exe 968 Services 0 26,600 K
    svchost.exe 1004 Services 0 38,744 K
    svchost.exe 508 Services 0 13,664 K
    svchost.exe 428 Services 0 78,912 K
    audiodg.exe 1048 Services 0 9,612 K
    svchost.exe 1124 Services 0 13,524 K
    AvastSvc.exe 1200 Services 0 40,776 K
    spoolsv.exe 1300 Services 0 15,412 K
    svchost.exe 1612 Services 0 20,440 K
    taskhostex.exe 1752 Console 1 9,756 K
    explorer.exe 1876 Console 1 106,072 K
    afwServ.exe 2028 Services 0 5,240 K
    GoogleCrashHandler.exe 1432 Services 0 952 K
    armsvc.exe 2060 Services 0 3,988 K
    livecomm.exe 2084 Console 1 17,488 K
    NetworkClient.exe 2108 Console 1 348 K
    AdminService.exe 2144 Services 0 5,104 K
    svchost.exe 2196 Services 0 11,256 K
    dasHost.exe 2240 Services 0 3,896 K
    mbamscheduler.exe 2248 Services 0 9,132 K
    StoreAppSupportUtility.ex 2448 Console 1 208 K
    GWX.exe 2492 Console 1 576 K
    GoogleCrashHandler64.exe 2540 Services 0 60 K
    mbamservice.exe 2680 Services 0 160,568 K
    svchost.exe 2824 Services 0 6,120 K
    VESMgr.exe 2852 Services 0 5,956 K
    mbam.exe 2944 Console 1 43,076 K
    VESMgrSub.exe 2996 Services 0 8,456 K
    VESMgrSub.exe 3008 Console 1 11,008 K
    dllhost.exe 1068 Services 0 6,616 K
    BtvStack.exe 1976 Console 1 14,672 K
    CNAP2LAK.EXE 3128 Console 1 5,180 K
    SynTPEnh.exe 3200 Console 1 9,296 K
    ActivateDesktop.exe 3228 Console 1 4,820 K
    googledrivesync.exe 3352 Console 1 3,072 K
    USBGuard.exe 3432 Console 1 14,448 K
    CNAP2RPK.EXE 3568 Console 1 5,548 K
    CNABFSWK.EXE 3596 Console 1 8,876 K
    CNABFSWK.EXE 3640 Console 1 9,028 K
    googledrivesync.exe 3940 Console 1 63,048 K
    taskeng.exe 3960 Console 1 5,260 K
    MSOSYNC.EXE 3996 Console 1 2,840 K
    RuntimeBroker.exe 1764 Console 1 26,416 K
    VAIOUpdt.exe 4092 Console 1 1,220 K
    SearchIndexer.exe 1220 Services 0 44,012 K
    Ath_CoexAgent.exe 476 Services 0 5,272 K
    wmpnetwk.exe 3368 Services 0 7,116 K
    SettingSyncHost.exe 4176 Console 1 9,044 K
    esrv.exe 2056 Console 1 10,644 K
    VUAgent.exe 5128 Services 0 6,260 K
    WmiPrvSE.exe 5136 Services 0 11,984 K
    conhost.exe 5812 Console 1 4,108 K
    svchost.exe 5376 Services 0 5,960 K
    SynTPHelper.exe 4956 Console 1 3,236 K
    ISBMgr.exe 6168 Console 1 7,096 K
    avastui.exe 6488 Console 1 20,488 K
    unsecapp.exe 6556 Console 1 5,360 K
    VCSystemTray.exe 1828 Console 1 33,080 K
    esrv_svc.exe 1136 Services 0 11,100 K
    VCPerfService.exe 5996 Services 0 10,652 K
    listener.exe 5948 Console 1 4,684 K
    VCService.exe 988 Services 0 5,184 K
    VCAgent.exe 5180 Services 0 135,292 K
    vds.exe 6216 Services 0 8,120 K
    WINWORD.EXE 4484 Console 1 192,724 K
    soundrec.exe 5104 Console 1 3,804 K
    WWAHost.exe 6964 Console 1 16,384 K
    WmiPrvSE.exe 1864 Services 0 5,912 K
    wireless.exe 6604 Console 1 8,468 K
    SearchProtocolHost.exe 3612 Services 0 7,960 K
    SearchFilterHost.exe 6304 Services 0 5,360 K
    svchost.exe 5916 Services 0 2,764 K
    dllhost.exe 3536 Console 1 5,312 K
    cmd.exe 5596 Console 1 3,080 K
    conhost.exe 5844 Console 1 4,768 K
    tasklist.exe 7040 Console 1 6,192 K


    MTU MediaSenseState Bytes In Bytes Out Interface
    ------ --------------- --------- --------- -------------
    1500 1 4400887 1555865 Wi-Fi
    4294967295 1 161 5807 Loopback Pseudo-Interface 1
    1500 5 0 0 Local Area Connection* 12
    1500 5 0 0 Ethernet


    Querying active state...


    TCP Global Parameters
    ----------------------------------------------
    Receive-Side Scaling State : enabled
    Chimney Offload State : disabled
    NetDMA State : disabled
    Direct Cache Access (DCA) : disabled
    Receive Window Auto-Tuning Level : normal
    Add-On Congestion Control Provider : none
    ECN Capability : disabled
    RFC 1323 Timestamps : disabled
    Initial RTO : 3000
    Receive Segment Coalescing State : enabled
    Non Sack Rtt Resiliency : disabled
    Max SYN Retransmissions : 2


    ===========================================================================
    Interface List
    6...1a 3e 8e dd 56 ab ......Microsoft Wi-Fi Direct Virtual Adapter
    4...08 3e 8e dd 56 ab ......Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
    3...30 f9 ed c8 de c3 ......Realtek PCIe GBE Family Controller
    1...........................Software Loopback Interface 1
    16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
    5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    ===========================================================================


    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.10 25
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    192.168.1.0 255.255.255.0 On-link 192.168.1.10 281
    192.168.1.10 255.255.255.255 On-link 192.168.1.10 281
    192.168.1.255 255.255.255.255 On-link 192.168.1.10 281
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 192.168.1.10 281
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 192.168.1.10 281
    ===========================================================================
    Persistent Routes:
    None


    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    4 281 ::/0 fe80::a6b1:e9ff:fee5:e7e5
    1 306 ::1/128 On-link
    5 306 2001::/32 On-link
    5 306 2001:0:5ef5:79fd:1402:3754:3f57:fef5/128
    On-link
    4 281 fd0b:d9d8:9e3d::/64 On-link
    4 281 fd0b:d9d8:9e3d:0:71ef:9613:812d:3a6/128
    On-link
    4 281 fd0b:d9d8:9e3d:0:85a3:feb1:7a8e:fadf/128
    On-link
    4 281 fe80::/64 On-link
    5 306 fe80::/64 On-link
    5 306 fe80::1402:3754:3f57:fef5/128
    On-link
    4 281 fe80::85a3:feb1:7a8e:fadf/128
    On-link
    1 306 ff00::/8 On-link
    4 281 ff00::/8 On-link
    5 306 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None


    Active Connections


    Proto Local Address Foreign Address State
    TCP 0.0.0.0:135 LAPTOP-NOURINE:0 LISTENING
    RpcSs
    [System]
    TCP 0.0.0.0:445 LAPTOP-NOURINE:0 LISTENING
    Can not obtain ownership information
    TCP 0.0.0.0:9996 LAPTOP-NOURINE:0 LISTENING
    [System]
    TCP 0.0.0.0:9999 LAPTOP-NOURINE:0 LISTENING
    [System]
    TCP 0.0.0.0:49152 LAPTOP-NOURINE:0 LISTENING
    [System]
    TCP 0.0.0.0:49153 LAPTOP-NOURINE:0 LISTENING
    EventLog
    [System]
    TCP 0.0.0.0:49154 LAPTOP-NOURINE:0 LISTENING
    Schedule
    [System]
    TCP 0.0.0.0:49155 LAPTOP-NOURINE:0 LISTENING
    Spooler
    [System]
    TCP 0.0.0.0:49156 LAPTOP-NOURINE:0 LISTENING
    [System]
    TCP 0.0.0.0:49253 LAPTOP-NOURINE:0 LISTENING
    Can not obtain ownership information
    TCP 127.0.0.1:6543 LAPTOP-NOURINE:0 LISTENING
    [System]
    TCP 127.0.0.1:12025 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP 127.0.0.1:12110 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP 127.0.0.1:12119 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP 127.0.0.1:12143 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP 127.0.0.1:12465 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP 127.0.0.1:12563 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP 127.0.0.1:12993 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP 127.0.0.1:12995 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP 127.0.0.1:27275 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP 127.0.0.1:43227 LAPTOP-NOURINE:0 LISTENING
    [mbamservice.exe]
    TCP 127.0.0.1:49265 LAPTOP-NOURINE:0 LISTENING
    ESRV_SVC
    [System]
    TCP 127.0.0.1:49266 LAPTOP-NOURINE:0 LISTENING
    [System]
    TCP 192.168.1.10:139 LAPTOP-NOURINE:0 LISTENING
    Can not obtain ownership information
    TCP 192.168.1.10:49247 wn-in-f125:5222 ESTABLISHED
    [googledrivesync.exe]
    TCP 192.168.1.10:49249 lhr08s06-in-f10:https CLOSE_WAIT
    [googledrivesync.exe]
    TCP 192.168.1.10:49255 r-061-044-234-077:http ESTABLISHED
    [AvastSvc.exe]
    TCP 192.168.1.10:49295 msnbot-191-232-139-78:https ESTABLISHED
    [System]
    TCP 192.168.1.10:49649 lhr14s23-in-f45:https TIME_WAIT
    TCP 192.168.1.10:49650 mrs04s10-in-f4:https TIME_WAIT
    TCP 192.168.1.10:49651 lhr14s23-in-f3:https TIME_WAIT
    TCP 192.168.1.10:49653 wa-in-f188:5228 TIME_WAIT
    TCP 192.168.1.10:49656 lhr14s23-in-f46:https TIME_WAIT
    TCP 192.168.1.10:49657 lhr14s23-in-f3:https TIME_WAIT
    TCP 192.168.1.10:49658 lhr14s23-in-f46:https TIME_WAIT
    TCP 192.168.1.10:49659 lhr14s23-in-f46:https TIME_WAIT
    TCP 192.168.1.10:49661 lhr14s23-in-f46:https TIME_WAIT
    TCP 192.168.1.10:49663 lhr14s23-in-f42:https TIME_WAIT
    TCP 192.168.1.10:49664 lhr14s23-in-f42:https TIME_WAIT
    TCP 192.168.1.10:49666 lhr14s23-in-f45:https TIME_WAIT
    TCP 192.168.1.10:49667 lhr14s24-in-f78:https TIME_WAIT
    TCP 192.168.1.10:49668 lhr14s23-in-f37:https TIME_WAIT
    TCP 192.168.1.10:49674 r1:https TIME_WAIT
    TCP 192.168.1.10:49676 a84-53-132-51:http TIME_WAIT
    TCP 192.168.1.10:49683 r-070-045-234-077:http TIME_WAIT
    TCP 192.168.1.10:49686 a84-53-132-51:http TIME_WAIT
    TCP 192.168.1.10:49687 a84-53-132-51:http TIME_WAIT
    TCP 192.168.1.10:49702 a84-53-132-243:http TIME_WAIT
    TCP 192.168.1.10:49703 ec2-54-194-135-101:http TIME_WAIT
    TCP 192.168.1.10:49704 ec2-54-194-135-101:http TIME_WAIT
    TCP 192.168.1.10:49705 a84-53-132-203:http TIME_WAIT
    TCP 192.168.1.10:49708 a84-53-132-203:http TIME_WAIT
    TCP 192.168.1.10:49713 muc03s14-in-f46:https TIME_WAIT
    TCP 192.168.1.10:49715 muc03s14-in-f46:https TIME_WAIT
    TCP 192.168.1.10:49716 dub407-m:https ESTABLISHED
    [System]
    TCP 192.168.1.10:49717 dub406-m:https ESTABLISHED
    [System]
    TCP 192.168.1.10:49718 dub407-m:https ESTABLISHED
    [System]
    TCP 192.168.1.10:49719 dub406-m:https ESTABLISHED
    [System]
    TCP 192.168.1.10:49720 dub407-m:https ESTABLISHED
    [System]
    TCP 192.168.1.10:49721 65.52.219.207:https ESTABLISHED
    [System]
    TCP 192.168.1.10:49722 191.232.139.254:https TIME_WAIT
    TCP 192.168.1.10:49723 lhr14s23-in-f42:https TIME_WAIT
    TCP 192.168.1.10:49724 r-072-045-234-077:https TIME_WAIT
    TCP 192.168.1.10:49738 r-058-042-234-077:http TIME_WAIT
    TCP [::]:135 LAPTOP-NOURINE:0 LISTENING
    RpcSs
    [System]
    TCP [::]:445 LAPTOP-NOURINE:0 LISTENING
    Can not obtain ownership information
    TCP [::]:9996 LAPTOP-NOURINE:0 LISTENING
    [System]
    TCP [::]:9999 LAPTOP-NOURINE:0 LISTENING
    [System]
    TCP [::]:49152 LAPTOP-NOURINE:0 LISTENING
    [System]
    TCP [::]:49153 LAPTOP-NOURINE:0 LISTENING
    EventLog
    [System]
    TCP [::]:49154 LAPTOP-NOURINE:0 LISTENING
    Schedule
    [System]
    TCP [::]:49155 LAPTOP-NOURINE:0 LISTENING
    Spooler
    [System]
    TCP [::]:49156 LAPTOP-NOURINE:0 LISTENING
    [System]
    TCP [::]:49253 LAPTOP-NOURINE:0 LISTENING
    Can not obtain ownership information
    TCP [::1]:12025 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP [::1]:12110 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP [::1]:12119 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP [::1]:12143 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP [::1]:12465 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP [::1]:12563 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP [::1]:12993 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP [::1]:12995 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP [::1]:27275 LAPTOP-NOURINE:0 LISTENING
    [AvastSvc.exe]
    TCP [::1]:27275 LAPTOP-NOURINE:49728 TIME_WAIT
    TCP [::1]:27275 LAPTOP-NOURINE:49729 TIME_WAIT
    UDP 0.0.0.0:5355 *:*
    Dnscache
    [System]
    UDP 127.0.0.1:1900 *:*
    SSDPSRV
    [System]
    UDP 127.0.0.1:58904 *:*
    SSDPSRV
    [System]
    UDP 192.168.1.10:137 *:*
    Can not obtain ownership information
    UDP 192.168.1.10:138 *:*
    Can not obtain ownership information
    UDP 192.168.1.10:1900 *:*
    SSDPSRV
    [System]
    UDP [::]:5355 *:*
    Dnscache
    [System]
    UDP [::1]:1900 *:*
    SSDPSRV
    [System]
    UDP [::1]:58903 *:*
    SSDPSRV
    [System]
    UDP [fe80::85a3:feb1:7a8e:fadf%4]:1900 *:*
    SSDPSRV
    [System]
    Server: monrouteur.Home
    Address: 192.168.1.1


    Name: portal.plus.net
    Addresses: 212.159.9.2
    212.159.8.2
    Aliases: Plusnet | Phone and Broadband Deals - Fast, Cheap & Reliable




    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    USB Security REG_SZ C:\Program Files (x86)\USB Disk Security\USBGuard.exe
    ISBMgr.exe REG_SZ "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
    AvastUI.exe REG_SZ "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui






    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    CNAP2 Launcher REG_SZ C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE
    GoogleDriveSync REG_SZ "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

  6. #6


    Join Date : Mar 2008
    Morocco
    Posts : 522
    Windows 8.1 64bit (6,3 Build 9600)

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
    Ran by NoureddinE at 2015-07-23 16:02:17
    Running from C:\Users\NoureddinE\Desktop
    Boot Mode: Normal
    ==========================================================




    ==================== Accounts: =============================


    Administrator (S-1-5-21-1497344233-3813089654-1566831206-500 - Administrator - Disabled)
    Guest (S-1-5-21-1497344233-3813089654-1566831206-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1497344233-3813089654-1566831206-1015 - Limited - Enabled)
    NoureddinE (S-1-5-21-1497344233-3813089654-1566831206-1001 - Administrator - Enabled) => C:\Users\NoureddinE


    ==================== Security Center ========================


    (If an entry is included in the fixlist, it will be removed.)


    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}


    ==================== Installed Programs ======================


    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


    Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{77588F59-3C58-4675-8EEE-998E5BC33CF4}) (Version: 1.4 - Eyeo GmbH)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
    Adobe Reader 64-bit fixes (HKLM\...\{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1) (Version: - Leo Davidson / Pretentious Name)
    Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
    Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
    Ayat (HKLM-x32\...\sa.edu.ksa.ayat) (Version: 1.4 - UNKNOWN)
    Ayat (x32 Version: 1.4 - UNKNOWN) Hidden
    Canon LBP6020 (HKLM\...\Canon LBP6020) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
    FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
    Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
    gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
    KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
    Le Robert Collège (HKLM-x32\...\CLGCD2011) (Version: - Le Robert)
    Ma-Config.com (64 bits) (HKLM\...\{5DF0C7C4-08DF-4B93-94CA-8E351848BE70}) (Version: 7.1.3.1 - Cybelsoft)
    Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Office Proofing Tools 2013 - اللغة العربية (HKLM\...\{90150000-001F-0401-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
    Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Oxford Advanced Learner's Dictionary - 8th Edition (HKLM-x32\...\NSIS_oald8) (Version: - )
    Oxford Business English Dictionary (HKLM-x32\...\Oxford Business English Dictionary) (Version: - )
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
    QUICKfind server v1.1 (HKLM-x32\...\QUICKfind) (Version: - IDM)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.28150 - Realtek Semiconductor Corp.)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
    SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
    SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
    Store App Support Utility (HKLM\...\{B93C07D4-49FF-440D-8A6A-054A42AEA960}) (Version: 1.0.0.02240 - Sony Corporation)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
    USB Disk Security (HKLM-x32\...\USB Disk Security_is1) (Version: - Zbshareware Lab)
    VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
    VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11220 - Sony Corporation)
    VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
    VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
    VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
    VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
    VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
    VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
    VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
    VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
    VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
    VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
    VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
    Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (07/15/2013 10.0.0.260) (HKLM\...\FF9ECD00DD25FDB7D3208607214790302878ACBE) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.)
    Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (07/24/2012 10.0.0.75) (HKLM\...\27EC41F0F7F197FCADC768C7958D18E796255914) (Version: 07/24/2012 10.0.0.75 - Qualcomm Atheros Communications Inc.)
    Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (08/07/2013 10.0.0.263) (HKLM\...\3474A1290735048672AEA82C2CD0D7B80668F793) (Version: 08/07/2013 10.0.0.263 - Qualcomm Atheros Communications Inc.)
    Windows Driver Package - Qualcomm Atheros Communications Inc. Net (07/24/2012 10.0.0.75) (HKLM\...\1638C07DF0363E944FCF88A4B3666EFBAE0E33AD) (Version: 07/24/2012 10.0.0.75 - Qualcomm Atheros Communications Inc.)
    Windows Driver Package - Sony Corporation (SFEP) HIDClass (06/18/2012 8.0.2.4) (HKLM\...\54DCDF5F20965812FBF3C1C44CE2E9E620585DE9) (Version: 06/18/2012 8.0.2.4 - Sony Corporation)
    Windows Driver Package - Sony Croporation (SOWS) HIDClass (06/11/2012 1.0.0.06110) (HKLM\...\5478D63468C46333F277779BC2B1EBAEA89C153D) (Version: 06/11/2012 1.0.0.06110 - Sony Croporation)
    WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)


    ==================== Custom CLSID (Whitelisted): ==========================


    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)




    ==================== Restore Points =========================


    06-07-2015 02:38:04 Scheduled Checkpoint
    15-07-2015 12:34:09 Scheduled Checkpoint
    23-07-2015 01:52:18 JRT Pre-Junkware Removal


    ==================== Hosts content: ===============================


    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)


    2013-08-22 14:25 - 2015-06-04 04:23 - 00000855 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1 localhost


    ==================== Scheduled Tasks (Whitelisted) =============


    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    Task: {0D166B66-A369-4821-A469-22364BA8DFF5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
    Task: {1873DD84-63A1-4A3F-9CB5-5323FD91A040} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
    Task: {2535A7C1-FA9D-40F6-83DE-CFCF2BAAB0D7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
    Task: {2597790A-9924-48EC-B453-4B71426CB1DD} - System32\Tasks\Sony Corporation\Store App Support Utility\Store App Support Utility Logon Start => C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe [2014-02-25] (Sony Corporation)
    Task: {2AFF0FCC-8550-4845-A1B8-50A24F5822EB} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
    Task: {3A8EB9E3-374A-4058-8477-14FB69ECCC5E} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
    Task: {419D0C8A-EDB6-4B07-AF2E-EF5BC266CDB2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
    Task: {49216BCB-57F7-4162-8685-ECAAD09BB2AB} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
    Task: {4C92FABB-9BAE-4655-89CC-0E1C93F715FD} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
    Task: {4FE43E31-4268-41C9-AAED-2441E5CBD1D0} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
    Task: {531F64AC-ACFC-48C8-957C-A7D9365743FD} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
    Task: {53BFE722-FB0D-4034-A5D3-D7C939FE9FB2} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
    Task: {60C6D883-B388-463A-A530-DCB68DC39003} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
    Task: {63577B74-DDF1-4579-8291-1889AF19CAEF} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
    Task: {657B047B-15F3-41CB-ADEA-9485862ED5A6} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
    Task: {6703A6A6-3824-4AA9-B60B-5064300618DC} - System32\Tasks\Microsoft Office 15 Sync Maintenance for LAPTOP-NOURINE-NoureddinE LAPTOP-NOURINE => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
    Task: {80B673D0-DA80-49EC-B710-53F29DD7498F} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
    Task: {84E768B9-396C-498B-A262-3707C2FF1500} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
    Task: {8A488D26-7F7C-42FE-950B-214616F2BFA0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
    Task: {95C0F7A0-4F8E-44C4-9DAD-574A7AD14021} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
    Task: {A4C123C2-0ECA-4DDD-9D75-D3F35E8C6643} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {B7CD77FA-E37C-45FB-B1CA-57380BE14474} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
    Task: {BAB9A4C7-695D-439D-B656-256E5A50DA93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-12] (Google Inc.)
    Task: {BCBA29C7-898C-417C-9124-C848C4713BB6} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
    Task: {BF10B4AB-13AE-4E8B-9ED6-20061317EAF6} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
    Task: {BFBEE03E-D2A1-4236-BFD0-8CE9EFCCBE50} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {C00DCA2A-8AA7-4D6C-B2AF-C6E61FEEBD22} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
    Task: {D608D24B-741A-4AC8-85AF-7DCAF46BAA14} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
    Task: {E3B4C47B-65ED-4963-A80F-AF9F57934A99} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-02-28] (Sony Corporation)
    Task: {F222FDE4-D0F6-4E39-8F56-6FC7C1C4D83B} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
    Task: {FCC92FA0-B2F9-4B24-85BE-94F1C1CE820E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-12] (Google Inc.)
    Task: {FFE61FC8-469E-4EA0-9004-46D8C366132A} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1497344233-3813089654-1566831206-1001


    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe


    ==================== Loaded Modules (Whitelisted) ==============


    2014-01-23 16:05 - 2014-01-23 16:05 - 08878248 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2013-11-28 22:35 - 2013-11-28 22:35 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
    2013-11-28 22:32 - 2013-11-28 22:32 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
    2013-11-28 22:38 - 2013-11-28 22:38 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    2013-11-19 11:21 - 2013-11-19 11:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
    2015-04-24 23:08 - 2015-04-24 23:08 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
    2015-04-24 23:08 - 2015-04-24 23:08 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2015-07-23 15:15 - 2015-07-23 15:15 - 02957312 _____ () C:\Program Files\AVAST Software\Avast\defs\15072300\algo.dll
    2014-01-22 04:07 - 2014-01-22 04:07 - 08878248 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2015-07-23 15:35 - 2015-07-23 15:35 - 00098816 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\win32api.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00110080 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\pywintypes27.dll
    2015-07-23 15:35 - 2015-07-23 15:35 - 00364544 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\pythoncom27.dll
    2015-07-23 15:35 - 2015-07-23 15:35 - 00045568 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\_socket.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 01161216 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\_ssl.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00320512 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\win32com.shell.shell.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00713216 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\_hashlib.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 01175040 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\wx._core_.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00805888 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\wx._gdi_.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00811008 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\wx._windows_.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 01062400 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\wx._controls_.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00735232 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\wx._misc_.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00682496 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\pysqlite2._sqlite.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00087552 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\_ctypes.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00119808 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\win32file.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00108544 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\win32security.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00007168 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\hashobjs_ext.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00068096 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\usb_ext.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00167936 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\win32gui.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00018432 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\win32event.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00128512 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\_elementtree.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00127488 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\pyexpat.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00013824 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\common.time34.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00036864 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\_psutil_windows.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00038912 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\win32inet.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00011264 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\win32crypt.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00070656 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\wx._html2.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00027136 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\_multiprocessing.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00020480 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\_yappi.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00035840 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\win32process.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00686080 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\unicodedata.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00122368 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\wx._wizard.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00024064 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\win32pipe.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00010240 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\select.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00025600 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\win32pdh.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00525640 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\windows._lib_cacheinvalidation.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00017408 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\win32profile.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00022528 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\win32ts.pyd
    2015-07-23 15:35 - 2015-07-23 15:35 - 00078336 _____ () C:\Users\NoureddinE\AppData\Local\Temp\_MEI33522\wx._animate.pyd
    2015-03-09 08:36 - 2015-03-09 08:36 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll


    ==================== Alternate Data Streams (Whitelisted) =========


    (If an entry is included in the fixlist, only the ADS will be removed.)


    AlternateDataStreams: C:\Users\NoureddinE\OneDrive:ms-properties


    ==================== Safe Mode (Whitelisted) ===================


    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)




    ==================== EXE Association (Whitelisted) ===============


    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)




    ==================== Internet Explorer trusted/restricted ===============


    (If an entry is included in the fixlist, it will be removed from the registry.)


    IE trusted site: HKU\S-1-5-21-1497344233-3813089654-1566831206-1001\...\ma-config.com -> hxxp://ma-config.com
    IE trusted site: HKU\S-1-5-21-1497344233-3813089654-1566831206-1001\...\ma-config.com -> hxxps://ma-config.com
    IE trusted site: HKU\S-1-5-21-1497344233-3813089654-1566831206-1001\...\touslesdrivers.com -> hxxp://touslesdrivers.com




    ==================== Other Areas ============================


    (Currently there is no automatic fix for this section.)


    HKU\S-1-5-21-1497344233-3813089654-1566831206-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\WinSxS\amd64_microsoft-windows-shell-wallpaper-theme1_31bf3856ad364e35_6.3.9600.16384_none_c798631778e4f8cc\Harmony 8.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.


    ==================== MSCONFIG/TASK MANAGER disabled items ==


    (Currently there is no automatic fix for this section.)


    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AtherosSvc => 2
    MSCONFIG\Services: cphs => 3
    MSCONFIG\Services: ESRV_SVC => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: MaConfigAgent => 2
    MSCONFIG\Services: MBAMScheduler => 2
    MSCONFIG\Services: MBAMService => 2
    MSCONFIG\Services: McComponentHostServiceSony => 3
    MSCONFIG\Services: NetworkSupport => 3
    MSCONFIG\Services: SampleCollector => 2
    MSCONFIG\Services: USER_ESRV_SVC => 3
    MSCONFIG\Services: VAIO Event Service => 2
    MSCONFIG\Services: VAIO Power Management => 3
    MSCONFIG\Services: VCService => 3
    MSCONFIG\Services: VUAgent => 3
    MSCONFIG\Services: ZAtheros Bt and Wlan Coex Agent => 2
    HKU\S-1-5-21-1497344233-3813089654-1566831206-1001\...\StartupApproved\Run: => "CNAP2 Launcher"
    HKU\S-1-5-21-1497344233-3813089654-1566831206-1001\...\StartupApproved\Run: => "Adobe Speed Launcher"


    ==================== FirewallRules (Whitelisted) ===============


    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [UDP Query User{F1C1BB5A-7AC7-47DB-9982-2A25CD4E58C3}C:\program files (x86)\le robert\le robert collège\collegeha.exe] => (Allow) C:\program files (x86)\le robert\le robert collège\collegeha.exe
    FirewallRules: [TCP Query User{3EFDCE11-99C6-4ABF-8AFD-4354022DC150}C:\program files (x86)\le robert\le robert collège\collegeha.exe] => (Allow) C:\program files (x86)\le robert\le robert collège\collegeha.exe
    FirewallRules: [UDP Query User{B01D00BB-9F6F-4BA2-B022-B9F0660115A6}C:\program files (x86)\le robert\le robert collège\clgnet.exe] => (Allow) C:\program files (x86)\le robert\le robert collège\clgnet.exe
    FirewallRules: [TCP Query User{4A10EB63-9276-4CCB-84E0-56464EAD0434}C:\program files (x86)\le robert\le robert collège\clgnet.exe] => (Allow) C:\program files (x86)\le robert\le robert collège\clgnet.exe
    FirewallRules: [{00C577F7-648E-4CE5-9628-C32C74B379C5}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe
    FirewallRules: [{88D3CA3E-BF0B-414B-82B8-F4FEEECA5E10}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe
    FirewallRules: [{663FF1C6-5D99-49C4-A183-498D6803A587}] => (Allow) LPort=48114
    FirewallRules: [{1FBD80E6-31A3-4A66-83B1-32D88E771C69}] => (Allow) LPort=48113
    FirewallRules: [UDP Query User{E4D37F8B-9F48-4E88-B3E8-69CCF0538062}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
    FirewallRules: [TCP Query User{0A8C7818-507E-4ADE-8AB2-CA43B62DC5C8}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
    FirewallRules: [{BECADFF1-05B1-40E8-BC94-CC19AA4248B1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{951992D4-A6E6-4ED6-8BFE-80B308CA3FD5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{356BA401-7F9B-485E-A96B-5DF0F842D75E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{72FC4344-5BB6-4B35-B901-AA2B3452D51D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{1B2176DC-270F-4510-8C29-84964E09C98C}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
    FirewallRules: [{363161A2-914D-4BAF-85D6-66215F87B8C4}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
    FirewallRules: [{39E268ED-4526-44FF-8A53-493F27E09AD1}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
    FirewallRules: [{15279F69-4776-4E19-8EBC-5DDE3E7A6733}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
    FirewallRules: [{18738738-76BB-4D9F-AE84-24359FA02822}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Faulty Device Manager Devices =============




    ==================== Event log errors: =========================


    Application errors:
    ==================
    Error: (07/23/2015 03:40:30 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: usbhubC:\WINDOWS\system32\usbperf.dll8


    Error: (07/23/2015 03:40:30 PM) (Source: usbperf) (EventID: 2001) (User: )
    Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.


    Error: (07/23/2015 03:40:29 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: RemoteAccessC:\Windows\System32\rasctrs.dll8


    Error: (07/23/2015 03:40:29 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: rdyboostC:\WINDOWS\system32\sysmain.dll8


    Error: (07/23/2015 03:40:29 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8


    Error: (07/23/2015 03:40:28 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: ESENTC:\WINDOWS\system32\esentprf.dll8


    Error: (07/23/2015 03:40:27 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8


    Error: (07/23/2015 03:37:51 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
    Description: Could not get performance counter registry info for WSearchIdxPi for instance due to the following error: The operation completed successfully. 0x0.


    Error: (07/23/2015 03:37:51 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
    Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.


    Context: Application, SystemIndex Catalog


    Error: (07/23/2015 03:37:51 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
    Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.




    System errors:
    =============
    Error: (07/23/2015 03:37:56 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NOURINE)
    Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


    Error: (07/23/2015 03:37:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Windows Defender Service service failed to start due to the following error:
    %%577


    Error: (07/23/2015 03:34:45 PM) (Source: NETLOGON) (EventID: 3095) (User: )
    Description: This computer is configured as a member of a workgroup, not as
    a member of a domain. The Netlogon service does not need to run in this
    configuration.


    Error: (07/23/2015 03:33:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Windows Search service failed to start due to the following error:
    %%3


    Error: (07/23/2015 03:33:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The VCService service terminated unexpectedly. It has done this 1 time(s).


    Error: (07/23/2015 03:33:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Intel(R) System Behavior Tracker Collector Service service terminated unexpectedly. It has done this 1 time(s).


    Error: (07/23/2015 03:33:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Energy Server Service service terminated unexpectedly. It has done this 1 time(s).


    Error: (07/23/2015 03:33:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The NetworkSupport service terminated unexpectedly. It has done this 1 time(s).


    Error: (07/23/2015 03:33:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The VUAgent service terminated unexpectedly. It has done this 1 time(s).


    Error: (07/23/2015 03:33:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The ZAtheros Bt and Wlan Coex Agent service terminated unexpectedly. It has done this 1 time(s).




    Microsoft Office:
    =========================
    Error: (07/23/2015 03:40:30 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: usbhubC:\WINDOWS\system32\usbperf.dll8


    Error: (07/23/2015 03:40:30 PM) (Source: usbperf) (EventID: 2001) (User: )
    Description:


    Error: (07/23/2015 03:40:29 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: RemoteAccessC:\Windows\System32\rasctrs.dll8


    Error: (07/23/2015 03:40:29 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: rdyboostC:\WINDOWS\system32\sysmain.dll8


    Error: (07/23/2015 03:40:29 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8


    Error: (07/23/2015 03:40:28 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: ESENTC:\WINDOWS\system32\esentprf.dll8


    Error: (07/23/2015 03:40:27 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8


    Error: (07/23/2015 03:37:51 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
    Description: WSearchIdxPiThe operation completed successfully. 0x0


    Error: (07/23/2015 03:37:51 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
    Description: Context: Application, SystemIndex Catalog


    Error: (07/23/2015 03:37:51 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
    Description:




    CodeIntegrity Errors:
    ===================================
    Date: 2015-07-23 15:37:48.941
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-23 05:51:04.648
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-23 02:21:08.208
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-23 01:48:59.398
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-23 01:14:46.005
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-17 01:58:02.396
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-15 15:09:28.179
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-14 11:44:15.146
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-13 16:40:31.365
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    Date: 2015-07-09 00:05:05.781
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.




    ==================== Memory info ===========================


    Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
    Percentage of memory in use: 44%
    Total physical RAM: 3973.28 MB
    Available physical RAM: 2204.55 MB
    Total Virtual: 5189.28 MB
    Available Virtual: 3180.16 MB


    ==================== Drives ================================


    Drive c: () (Fixed) (Total:145.53 GB) (Free:86.47 GB) NTFS
    Drive d: (Recovery Partition Windows 8.1) (Fixed) (Total:50.01 GB) (Free:19.44 GB) NTFS
    Drive e: (N@RUINE) (Fixed) (Total:399.68 GB) (Free:332.08 GB) NTFS
    Drive g: (N@URINE) (Removable) (Total:3.73 GB) (Free:0.81 GB) NTFS


    ==================== MBR & Partition Table ==================


    ========================================================
    Disk: 0 (Size: 596.2 GB) (Disk ID: 4C8C8A9B)


    Partition: GPT Partition Type.


    ========================================================
    Disk: 1 (Size: 3.7 GB) (Disk ID: 00916ED5)
    Partition 1: (Not Active) - (Size=3.7 GB) - (Type=07 NTFS)


    ==================== End of log ============================

  7. #7


    Join Date : Mar 2008
    Morocco
    Posts : 522
    Windows 8.1 64bit (6,3 Build 9600)

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
    Ran by NoureddinE (administrator) on LAPTOP-NOURINE on 23-07-2015 16:00:59
    Running from C:\Users\NoureddinE\Desktop
    Loaded Profiles: NoureddinE (Available Profiles: NoureddinE)
    Platform: Windows 8.1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum


    ==================== Processes (Whitelisted) =================


    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
    (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Sony Corporation) C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    (Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    (CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Zbshareware Lab) C:\Program Files (x86)\USB Disk Security\USBGuard.exe
    (CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
    (CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABFSWK.EXE
    (CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABFSWK.EXE
    (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
    (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
    (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
    (Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    () C:\Program Files\Sony\VAIO Care\listener.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsSoundRecorder_6.3.9600.20280_x64__8wekyb3d8bbwe\soundrec.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe




    ==================== Registry (Whitelisted) ==================


    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


    HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
    HKLM-x32\...\Run: [USB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [695528 2015-01-31] (Zbshareware Lab)
    HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-28] (Qualcomm®Atheros®)
    HKU\S-1-5-21-1497344233-3813089654-1566831206-1001\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
    HKU\S-1-5-21-1497344233-3813089654-1566831206-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-24] (Avast Software s.r.o.)
    GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
    GroupPolicyScripts-x32\User: Group Policy detected <======= ATTENTION


    ==================== Internet (Whitelisted) ====================


    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


    HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Google
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = Google
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
    HKU\S-1-5-21-1497344233-3813089654-1566831206-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.fr.msn.com/
    HKU\S-1-5-21-1497344233-3813089654-1566831206-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-24] (Avast Software s.r.o.)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation)
    BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-22] (Microsoft Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-24] (Avast Software s.r.o.)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-22] (Microsoft Corporation)
    BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{3E6764C4-CB94-4A49-97DC-7C05EDDF9A85}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{78E97C67-D4B8-49E7-8A1D-FF116132B586}: [DhcpNameServer] 192.168.0.1 192.168.0.1


    FireFox:
    ========
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
    FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-22] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-22] (Microsoft Corporation)
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-09]


    Chrome:
    =======
    CHR Profile: C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-16]
    CHR Extension: (YouTube) - C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-09]
    CHR Extension: (X-notifier (for Gmail™,Hotmail,Yahoo,AOL...)) - C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfjbkbddpfnoplfhceolpopfoepleco [2015-06-16]
    CHR Extension: (Adblock Plus) - C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-09]
    CHR Extension: (Google Search) - C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-09]
    CHR Extension: (Avast Online Security) - C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-09]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
    CHR Extension: (Google Dictionary (by Google)) - C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2015-03-09]
    CHR Extension: (Search Center) - C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndfplmdnbnefomnjiknbpejdceedhdmf [2015-03-09]
    CHR Extension: (OneDrive) - C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2015-03-09]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-09]
    CHR Extension: (ezLinkPreview) - C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkcfbiefgdaceeplickkkmifpicbpcc [2015-03-09]
    CHR Extension: (Gmail) - C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-09]
    CHR HKU\S-1-5-21-1497344233-3813089654-1566831206-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-09]


    ==================== Services (Whitelisted) =================


    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-28] (Windows (R) Win 7 DDK provider) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-24] (Avast Software s.r.o.)
    R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-04-24] (Avast Software s.r.o.)
    S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
    R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
    S4 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2820424 2014-06-24] (CybelSoft)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
    S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
    S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
    R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
    S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
    R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
    S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
    R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [File not signed]


    ==================== Drivers (Whitelisted) ====================


    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-24] ()
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-04-24] (Avast Software s.r.o.)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-24] (Avast Software s.r.o.)
    R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-04-24] (Avast Software s.r.o.)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-24] (Avast Software s.r.o.)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-24] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-24] (Avast Software s.r.o.)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-24] (Avast Software s.r.o.)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-24] ()
    S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-28] (Qualcomm Atheros)
    S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-11-28] (Qualcomm Atheros)
    S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
    S3 ma-config_amd64; C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys [17568 2014-02-24] (CybelSoft)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-23] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
    R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-12-28] ()
    S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-27] (Synaptics Incorporated)
    R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
    R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-10] (Sony Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)


    ==================== NetSvcs (Whitelisted) ===================


    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)




    ==================== One Month Created files and folders ========


    (If an entry is included in the fixlist, the file/folder will be moved.)


    2015-07-23 16:00 - 2015-07-23 16:01 - 00018417 _____ C:\Users\NoureddinE\Desktop\FRST.txt
    2015-07-23 15:56 - 2015-07-23 16:01 - 00000000 ____D C:\FRST
    2015-07-23 15:50 - 2015-07-23 15:52 - 00027882 _____ C:\Users\NoureddinE\Desktop\reg.txt
    2015-07-23 15:41 - 2015-07-23 15:41 - 00032992 _____ C:\Users\NoureddinE\Desktop\Result.txt
    2015-07-23 15:24 - 2015-07-23 15:24 - 00000035 _____ C:\Users\NoureddinE\Desktop\site.txt
    2015-07-23 15:21 - 2015-07-23 15:28 - 158158304 _____ C:\Users\NoureddinE\Desktop\mwav.exe
    2015-07-23 15:21 - 2015-07-23 15:21 - 01308672 _____ C:\Users\NoureddinE\Desktop\zoek.exe
    2015-07-23 15:19 - 2015-07-23 15:19 - 02135552 _____ (Farbar) C:\Users\NoureddinE\Desktop\FRST64.exe
    2015-07-23 15:18 - 2015-07-23 15:19 - 00278831 _____ C:\Users\NoureddinE\Desktop\wireless.exe
    2015-07-23 01:44 - 2015-07-23 15:33 - 00000000 ____D C:\AdwCleaner
    2015-07-23 01:33 - 2015-07-23 01:33 - 02248704 _____ C:\Users\NoureddinE\Desktop\adwcleaner_4.208.exe
    2015-07-23 01:33 - 2015-07-23 01:33 - 01798288 _____ (Malwarebytes Corporation) C:\Users\NoureddinE\Desktop\JRT.exe
    2015-07-23 01:32 - 2015-07-23 01:32 - 00892928 _____ (Farbar) C:\Users\NoureddinE\Desktop\MiniToolBox.exe
    2015-07-22 11:21 - 2015-07-22 11:21 - 05499392 _____ C:\Users\NoureddinE\Desktop\caacb032ce3ede8ba6e1999713f29f4c-original.ppt
    2015-07-22 11:18 - 2015-07-22 11:18 - 00387072 _____ C:\Users\NoureddinE\Desktop\التقويم+و+الدعم+ش1.ppt
    2015-07-22 10:14 - 2015-07-22 10:14 - 00015380 _____ C:\Users\NoureddinE\Desktop\res_cont_5.rar
    2015-07-22 09:51 - 2015-07-22 09:51 - 00000162 _____ C:\Users\NoureddinE\Desktop\عن الامتحان النهائي.txt
    2015-07-21 16:26 - 2015-07-21 16:26 - 03257856 _____ C:\Users\NoureddinE\Desktop\أنشطة-الحياة-المدرسية.ppt
    2015-07-21 06:12 - 2015-07-21 06:13 - 00340196 _____ C:\Users\NoureddinE\Desktop\pour communiquer.zip
    2015-07-21 06:12 - 2015-07-21 06:12 - 00305600 _____ C:\Users\NoureddinE\Desktop\mes apprentissages.zip
    2015-07-21 05:28 - 2015-07-21 05:28 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\7BF70802.sys
    2015-07-19 15:16 - 2015-07-19 15:17 - 28021011 _____ C:\Users\NoureddinE\Desktop\التحضير للإمتحان المهني.rar
    2015-07-19 15:07 - 2015-07-19 15:07 - 02956385 _____ C:\Users\NoureddinE\Desktop\ديداكتيك اللغة الإنجليزية haqiba.blogspot.com.rar
    2015-07-17 14:45 - 2015-07-17 15:29 - 00000298 _____ C:\Users\NoureddinE\Desktop\المراجع المعتمدة في البحث.txt
    2015-07-17 01:33 - 2015-06-15 23:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2015-07-17 01:33 - 2015-06-15 23:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
    2015-07-17 01:33 - 2015-06-15 23:26 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
    2015-07-17 01:33 - 2015-06-15 23:24 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2015-07-17 01:33 - 2015-06-15 23:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
    2015-07-17 01:33 - 2015-06-15 22:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
    2015-07-17 01:33 - 2015-06-15 22:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2015-07-17 01:33 - 2015-06-15 22:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
    2015-07-17 01:33 - 2015-06-15 22:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2015-07-17 01:33 - 2015-06-15 22:49 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2015-07-17 01:33 - 2015-06-15 22:41 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2015-07-17 01:33 - 2015-06-15 22:38 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2015-07-17 01:33 - 2015-06-15 22:36 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2015-07-17 01:33 - 2015-06-15 22:17 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2015-07-17 01:33 - 2015-06-15 22:16 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2015-07-17 01:33 - 2015-06-15 22:15 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2015-07-17 01:33 - 2015-06-15 22:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
    2015-07-17 01:33 - 2015-06-15 22:04 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
    2015-07-17 01:33 - 2015-06-15 22:03 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2015-07-17 01:33 - 2015-06-15 21:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2015-07-17 01:33 - 2015-06-15 21:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
    2015-07-17 01:33 - 2015-06-15 21:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
    2015-07-17 01:33 - 2015-06-15 21:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2015-07-17 01:33 - 2015-06-15 21:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
    2015-07-17 01:33 - 2015-06-15 21:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2015-07-17 01:33 - 2015-06-15 21:37 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2015-07-17 01:33 - 2015-06-15 21:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
    2015-07-17 01:33 - 2015-06-15 21:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2015-07-17 01:33 - 2015-06-15 21:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2015-07-17 01:33 - 2015-06-15 21:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2015-07-17 01:33 - 2015-06-15 21:17 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2015-07-17 01:33 - 2015-06-15 21:07 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2015-07-17 01:33 - 2015-06-15 21:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2015-07-17 01:32 - 2015-07-02 22:21 - 19877376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2015-07-17 01:32 - 2015-07-02 21:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2015-07-17 01:32 - 2015-07-02 21:49 - 25193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2015-07-17 01:32 - 2015-07-02 21:23 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2015-07-17 01:32 - 2015-07-02 21:19 - 12855296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2015-07-17 01:32 - 2015-07-02 20:55 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2015-07-17 01:32 - 2015-07-02 20:20 - 14453248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2015-07-17 01:32 - 2015-07-02 19:59 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2015-07-17 01:32 - 2015-07-01 23:08 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2015-07-17 01:32 - 2015-07-01 22:14 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2015-07-17 01:32 - 2015-06-25 03:31 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2015-07-17 01:32 - 2015-06-15 21:50 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2015-07-17 01:31 - 2015-07-09 20:51 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2015-07-17 01:31 - 2015-07-09 19:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
    2015-07-17 01:31 - 2015-07-09 17:03 - 03701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2015-07-17 01:31 - 2015-07-09 16:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
    2015-07-17 01:31 - 2015-07-09 16:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
    2015-07-17 01:31 - 2015-07-09 16:50 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
    2015-07-17 01:31 - 2015-07-09 16:50 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2015-07-17 01:31 - 2015-07-09 16:48 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2015-07-17 01:31 - 2015-07-09 16:46 - 02229248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
    2015-07-17 01:31 - 2015-07-09 16:38 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
    2015-07-17 01:31 - 2015-07-09 16:37 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
    2015-07-17 01:31 - 2015-07-09 16:35 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2015-07-17 01:31 - 2015-07-09 16:34 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2015-07-17 01:31 - 2015-07-03 14:52 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2015-07-17 01:31 - 2015-07-03 14:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2015-07-17 01:31 - 2015-07-03 14:50 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2015-07-17 01:31 - 2015-07-03 14:50 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2015-07-17 01:31 - 2015-06-29 23:43 - 00026288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2015-07-17 01:31 - 2015-06-29 16:07 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2015-07-17 01:31 - 2015-06-29 16:07 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2015-07-17 01:31 - 2015-06-29 16:07 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2015-07-17 01:31 - 2015-06-29 16:07 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2015-07-17 01:31 - 2015-06-29 16:07 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2015-07-17 01:31 - 2015-06-28 06:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2015-07-17 01:31 - 2015-06-28 06:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2015-07-17 01:31 - 2015-06-28 06:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2015-07-17 01:31 - 2015-06-28 06:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2015-07-17 01:31 - 2015-06-27 17:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2015-07-17 01:31 - 2015-06-27 04:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2015-07-17 01:31 - 2015-06-27 04:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2015-07-17 01:31 - 2015-06-27 04:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
    2015-07-17 01:31 - 2015-06-27 04:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2015-07-17 01:31 - 2015-06-27 04:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2015-07-17 01:31 - 2015-06-27 03:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2015-07-17 01:31 - 2015-06-27 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
    2015-07-17 01:31 - 2015-06-27 03:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2015-07-17 01:31 - 2015-06-27 03:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2015-07-17 01:31 - 2015-06-27 02:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
    2015-07-17 01:31 - 2015-06-27 02:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2015-07-17 01:31 - 2015-06-27 00:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2015-07-17 01:31 - 2015-06-27 00:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
    2015-07-17 01:31 - 2015-06-16 06:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2015-07-17 01:31 - 2015-06-16 06:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2015-07-17 01:31 - 2015-06-15 23:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
    2015-07-17 01:31 - 2015-06-15 23:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2015-07-17 01:31 - 2015-06-15 22:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
    2015-07-17 01:31 - 2015-06-15 22:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2015-07-17 01:31 - 2015-06-15 20:57 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
    2015-07-17 01:31 - 2015-06-11 04:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2015-07-17 01:31 - 2015-06-10 17:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2015-07-17 01:31 - 2015-05-30 22:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
    2015-07-17 01:31 - 2015-05-30 20:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2015-07-17 01:31 - 2015-05-30 20:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2015-07-15 12:18 - 2015-07-15 12:18 - 00524800 _____ C:\Users\NoureddinE\Desktop\-بياجيه.ppt
    2015-07-08 00:48 - 2015-07-13 00:52 - 00454702 _____ C:\Users\NoureddinE\Desktop\relation.pptx
    2015-07-07 16:39 - 2015-07-07 16:39 - 00000050 _____ C:\Users\NoureddinE\Desktop\قصيدة.txt
    2015-07-06 12:15 - 2015-07-06 12:15 - 00423936 _____ C:\Users\NoureddinE\Desktop\PPO et APC.ppt
    2015-07-06 12:13 - 2015-07-06 12:13 - 00422912 _____ C:\Users\NoureddinE\Desktop\SujetComp.PPT
    2015-07-06 10:35 - 2015-07-06 11:14 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\519B5F63.sys
    2015-07-06 01:17 - 2015-07-06 01:17 - 00001183 _____ C:\Users\NoureddinE\Desktop\what do you say.txt
    2015-06-27 14:20 - 2015-06-27 14:21 - 00000000 ____D C:\Users\NoureddinE\Desktop\New folder
    2015-06-25 14:43 - 2015-06-25 14:43 - 00255507 _____ C:\Users\NoureddinE\Desktop\LIRE_COMPRENDRE.ppsx
    2015-06-24 13:36 - 2015-07-23 15:37 - 00000000 ___RD C:\Users\NoureddinE\Google Drive
    2015-06-24 13:36 - 2015-06-24 13:36 - 00001744 _____ C:\Users\NoureddinE\Desktop\Google Drive.lnk
    2015-06-24 13:34 - 2015-07-19 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2015-06-24 00:50 - 2015-06-24 00:50 - 01094656 _____ C:\Users\NoureddinE\Desktop\pedagogie-differenciée.pps
    2015-06-24 00:41 - 2015-06-24 00:41 - 00646656 _____ C:\Users\NoureddinE\Desktop\البيداغوجيا الفارقية ومحاربة الهدر المدرسي.ppt
    2015-06-23 15:24 - 2015-06-23 15:25 - 01234432 _____ C:\Users\NoureddinE\Desktop\study of case.ppt
    2015-06-23 14:54 - 2015-06-23 14:55 - 07448482 _____ C:\Users\NoureddinE\Desktop\formation_continue2prim.rar
    2015-06-23 14:53 - 2015-06-23 15:13 - 00000000 _____ C:\Users\NoureddinE\Desktop\formation_continue1prim.rar
    2015-06-23 14:51 - 2015-06-23 14:51 - 02016483 _____ C:\Users\NoureddinE\Desktop\modules_ar_prim.rar


    ==================== One Month Modified files and folders ========


    (If an entry is included in the fixlist, the file/folder will be moved.)


    2015-07-23 16:00 - 2015-04-10 13:02 - 00005000 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LAPTOP-NOURINE-NoureddinE LAPTOP-NOURINE
    2015-07-23 16:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
    2015-07-23 15:59 - 2014-09-28 16:30 - 00000000 ___RD C:\Users\NoureddinE\OneDrive
    2015-07-23 15:56 - 2014-07-23 19:34 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2015-07-23 15:40 - 2014-09-14 14:53 - 01062626 _____ C:\WINDOWS\WindowsUpdate.log
    2015-07-23 15:35 - 2015-01-12 12:07 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-07-23 15:34 - 2015-06-21 21:34 - 00015127 _____ C:\WINDOWS\setupact.log
    2015-07-23 15:34 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-07-23 15:33 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
    2015-07-23 12:51 - 2014-09-15 12:16 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9C15B8C3-13CB-4872-8D5F-E12A8084A380}
    2015-07-23 09:35 - 2014-09-04 21:59 - 07778816 ___SH C:\Users\NoureddinE\Desktop\Thumbs.db
    2015-07-23 09:03 - 2015-01-12 12:07 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-07-23 01:18 - 2015-05-17 21:35 - 00003888 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2015-07-23 01:12 - 2014-09-14 14:38 - 00000000 ____D C:\Users\NoureddinE
    2015-07-22 22:47 - 2014-07-24 10:46 - 00000000 ____D C:\Users\NoureddinE\AppData\Local\CrashDumps
    2015-07-22 22:39 - 2014-03-18 11:03 - 00333016 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-07-22 19:15 - 2014-11-11 00:07 - 00171520 ___SH C:\Users\NoureddinE\Downloads\Thumbs.db
    2015-07-22 17:58 - 2014-07-23 17:34 - 00000000 ____D C:\Users\NoureddinE\AppData\Local\Packages
    2015-07-22 12:39 - 2015-06-07 11:09 - 00065024 ___SH C:\Users\NoureddinE\Thumbs.db
    2015-07-22 11:43 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
    2015-07-19 18:20 - 2014-07-23 17:55 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1497344233-3813089654-1566831206-1001
    2015-07-17 19:14 - 2014-08-18 22:50 - 00778240 ___SH C:\Users\NoureddinE\Documents\Thumbs.db
    2015-07-17 17:43 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
    2015-07-17 01:56 - 2015-06-21 23:08 - 00482576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2015-07-17 01:51 - 2014-12-10 14:21 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2015-07-17 01:51 - 2014-09-14 23:49 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
    2015-07-17 01:46 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
    2015-07-17 01:40 - 2014-07-25 06:21 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2015-07-17 01:40 - 2014-07-23 21:23 - 00000000 ____D C:\WINDOWS\system32\MRT
    2015-07-16 12:53 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
    2015-07-16 11:26 - 2014-07-23 18:17 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
    2015-07-16 00:58 - 2015-01-12 12:07 - 00003908 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-07-16 00:58 - 2015-01-12 12:07 - 00003672 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-07-14 17:01 - 2015-05-11 13:03 - 00000000 ____D C:\Users\NoureddinE\Formation
    2015-07-14 11:49 - 2014-07-24 10:44 - 00000000 ____D C:\ProgramData\Sony Corporation
    2015-07-13 22:10 - 2015-05-17 00:04 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2015-07-13 22:10 - 2015-05-17 00:04 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2015-07-13 16:50 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2015-07-12 23:46 - 2014-11-24 19:08 - 00000000 ____D C:\Users\NoureddinE\Documents\Bluetooth Folder
    2015-07-03 09:43 - 2014-07-23 21:23 - 130333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-06-26 15:11 - 2015-03-09 08:36 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys
    2015-06-26 13:03 - 2014-07-23 19:34 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-06-26 13:03 - 2014-07-23 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-06-26 13:03 - 2014-07-23 19:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-06-26 01:22 - 2014-11-14 23:50 - 00000000 __SHD C:\Users\NoureddinE\AppData\Local\EmieBrowserModeList
    2015-06-26 01:22 - 2014-09-15 12:16 - 00000000 __SHD C:\Users\NoureddinE\AppData\Local\EmieUserList
    2015-06-26 01:22 - 2014-09-15 12:16 - 00000000 __SHD C:\Users\NoureddinE\AppData\Local\EmieSiteList
    2015-06-25 23:55 - 2014-07-23 19:58 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2015-06-25 23:55 - 2014-07-23 19:58 - 00000000 ____D C:\Program Files\CCleaner
    2015-06-24 16:36 - 2014-07-23 19:38 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-06-24 13:34 - 2014-07-23 19:55 - 00000000 ____D C:\Program Files (x86)\Google
    2015-06-24 13:34 - 2014-07-23 19:53 - 00000000 ____D C:\Users\NoureddinE\AppData\Local\Google


    ==================== Files in the root of some directories =======


    2014-10-28 13:56 - 2014-10-28 14:02 - 0044228 _____ () C:\Users\NoureddinE\AppData\Local\RAContactHistory.xml
    2014-07-24 18:16 - 2015-03-09 12:33 - 0007597 _____ () C:\Users\NoureddinE\AppData\Local\resmon.resmoncfg
    2015-06-07 22:05 - 2014-04-30 15:53 - 0019535 _____ () C:\ProgramData\empty.ico


    Some files in TEMP:
    ====================
    C:\Users\NoureddinE\AppData\Local\Temp\Quarantine.exe
    C:\Users\NoureddinE\AppData\Local\Temp\sqlite3.dll
    C:\Users\NoureddinE\AppData\Local\Temp\{A635F254-528D-4196-90F7-6B33D8ED0D1A}-GoogleUpdateSetup.exe




    ==================== Bamital & volsnap Check =================


    (There is no automatic fix for files that do not pass verification.)


    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed




    LastRegBack: 2015-07-23 02:30


    ==================== End of log ============================

  8. #8


    Join Date : Mar 2008
    Morocco
    Posts : 522
    Windows 8.1 64bit (6,3 Build 9600)

    Zoek.exe v5.0.0.0 Updated 04-May-2015
    Tool run by NoureddinE on 07/23/2015 at 16:07:53.40.
    Microsoft Windows 8.1 6.3.9600 x64
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\NoureddinE\Desktop\zoek.exe [Scan all users] [Script inserted]


    ==== System Restore Info ======================


    07/23/2015 4:11:21 PM Zoek.exe System Restore Point Created Successfully.


    ==== Reset Hosts File ======================


    # Copyright (c) 1993-2006 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    # 102.54.94.97 rhino.acme.com # source server
    # 38.25.63.10 x.acme.com # x client host

    127.0.0.1 localhost


    ==== Empty Folders Check ======================


    C:\PROGRA~2\VideoLAN deleted successfully
    C:\Users\NoureddinE\AppData\Local\EmieBrowserModeList deleted successfully
    C:\Users\NoureddinE\AppData\Local\EmieSiteList deleted successfully
    C:\Users\NoureddinE\AppData\Local\EmieUserList deleted successfully
    C:\Users\NoureddinE\AppData\Local\MigWiz deleted successfully
    C:\Users\NoureddinE\AppData\Local\PackageStaging deleted successfully


    ==== Deleting CLSID Registry Keys ======================




    ==== Deleting CLSID Registry Values ======================




    ==== Deleting Services ======================




    ==== Batch Command(s) Run By Tool======================




    ==== Deleting Files \ Folders ======================


    C:\PROGRA~2\VideoLAN not found
    C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
    C:\windows\SysNative\GroupPolicy\adm deleted
    C:\windows\SysNative\GroupPolicy\Machine deleted
    C:\windows\SysNative\GroupPolicy\User deleted
    C:\WINDOWS\Syswow64\GroupPolicy\adm deleted
    C:\WINDOWS\Syswow64\GroupPolicy\Machine deleted
    C:\WINDOWS\Syswow64\GroupPolicy\User deleted
    C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
    "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk" not deleted


    ==== Firefox Extensions Registry ======================


    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
    "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05/04/2015 06:47 PM]


    ==== Chromium Look ======================


    Google Chrome Version: 43.0.2357.134


    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[03/09/2015 08:36 AM]


    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
    lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]


    Avast Online Security - NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
    Chrome Hotword Shared Module - NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
    Google Dictionary (by Google) - NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja
    Search Center - NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndfplmdnbnefomnjiknbpejdceedhdmf
    OneDrive - NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk
    ezLinkPreview - NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkcfbiefgdaceeplickkkmifpicbpcc


    ==== Chromium Startpages ======================


    C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Preferences




    ==== Set IE to Default ======================


    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Search_URL"="http://www.google.com"
    "Default_Page_URL"="http://www.google.com"
    "Start Page"="http://www.google.com"
    "Search Page"="http://www.google.com"
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Default_Search_URL"="http://www.google.com"
    "Default_Page_URL"="http://www.google.com"
    "Start Page"="http://www.google.com"
    "Search Page"="http://www.google.com"


    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"


    ==== All HKCU SearchScopes ======================


    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"


    ==== Empty IE Cache ======================


    C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\NoureddinE\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
    C:\Users\NoureddinE\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
    C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
    C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
    C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
    C:\Users\NoureddinE\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
    C:\Users\NoureddinE\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
    C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
    C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully


    ==== Empty FireFox Cache ======================


    No FireFox Profiles found


    ==== Empty Chrome Cache ======================


    C:\Users\NoureddinE\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully


    ==== Empty All Flash Cache ======================


    Flash Cache Emptied Successfully


    ==== Empty All Java Cache ======================


    No Java Cache Found


    ==== C:\zoek_backup content ======================


    C:\zoek_backup (files=15 folders=13 6649315 bytes)


    ==== Empty Temp Folders ======================


    C:\Users\Default\AppData\Local\Temp emptied successfully
    C:\Users\Default User\AppData\Local\Temp emptied successfully
    C:\Users\NoureddinE\AppData\Local\Temp will be emptied at reboot
    C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
    C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
    C:\WINDOWS\Temp will be emptied at reboot


    ==== After Reboot ======================


    ==== Empty Temp Folders ======================


    C:\WINDOWS\Temp successfully emptied
    C:\Users\NOURED~1\AppData\Local\Temp successfully emptied


    ==== Empty Recycle Bin ======================


    C:\$RECYCLE.BIN successfully emptied


    ==== Deleting Files / Folders ======================


    "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk" not found


    ==== EOF on 07/23/2015 at 16:45:05.10 ======================

  9. #9


    Join Date : Mar 2008
    Morocco
    Posts : 522
    Windows 8.1 64bit (6,3 Build 9600)

    23 Jul 2015 17:12:13 [0c4c] - **********************************************************
    23 Jul 2015 17:12:13 [0c4c] - MWAV - eScanAV AntiVirus Toolkit.
    23 Jul 2015 17:12:13 [0c4c] - Copyright © MicroWorld Technologies
    23 Jul 2015 17:12:13 [0c4c] - **********************************************************
    23 Jul 2015 17:12:13 [0c4c] - Version 14.0.202 (C:\USERS\NOUREDDINE\APPDATA\LOCAL\TEMP\MWAVSCAN.EXE)
    23 Jul 2015 17:12:13 [0c4c] - Log File: C:\Users\NoureddinE\AppData\Local\Temp\LOG\MWAV.LOG
    23 Jul 2015 17:12:13 [0c4c] - MWAV Registered: TRUE
    23 Jul 2015 17:12:13 [0c4c] - User Account: NoureddinE (Administrator Mode)
    23 Jul 2015 17:12:13 [0c4c] - OS Type: Windows Workstation [InstallType: Client]
    23 Jul 2015 17:12:13 [0c4c] - OS: Windows 8.1 64-Bit [OS Install Date: 14 Sep 2014 15:42:05]
    23 Jul 2015 17:12:13 [0c4c] - Ver: Personal Build 9200
    23 Jul 2015 17:12:13 [0c4c] - System Up Time: 30 Minutes, 20 Seconds




    23 Jul 2015 17:12:13 [0c4c] - Parent Process Name : c:\Windows\explorer.exe
    23 Jul 2015 17:12:13 [0c4c] - Windows Root Folder: C:\WINDOWS
    23 Jul 2015 17:12:13 [0c4c] - Windows Sys32 Folder: C:\WINDOWS\system32
    23 Jul 2015 17:12:13 [0c4c] - DHCP NameServer: 192.168.1.1
    23 Jul 2015 17:12:13 [0c4c] - Interface0 DHCPNameServer: 192.168.1.1
    23 Jul 2015 17:12:13 [0c4c] - Interface1 DHCPNameServer: 192.168.0.1 192.168.0.1
    23 Jul 2015 17:12:13 [0c4c] - Local Fixed Drives: c:\,d:\,e:\
    23 Jul 2015 17:12:13 [0c4c] - MWAV Mode(A): Scan and Clean files
    23 Jul 2015 17:12:13 [0c4c] - [CREATED ZIP FILE: C:\Users\NoureddinE\AppData\Local\Temp\pinfect.zip]
    23 Jul 2015 17:12:44 [0c4c] - Latest Date of files inside MWAV: Thu Jul 23 18:05:32 2015.
    23 Jul 2015 17:12:44 [0c4c] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\NoureddinE\AppData\Local\Temp\LOG\ESCANDB.LOG]
    23 Jul 2015 17:12:45 [0c4c] - Loaded/Created FileScan Cache Database...
    23 Jul 2015 17:12:45 [0c4c] - Loading AV Library [DB]...
    23 Jul 2015 17:12:56 [0c4c] - ArchiveScan: DISABLED
    23 Jul 2015 17:12:56 [0c4c] - AV Library Loaded - MultiThreaded - 4 : [DB-DIRECT].
    23 Jul 2015 17:12:56 [0c4c] - MWAV doing self scanning...
    23 Jul 2015 17:12:56 [0c4c] - MWAV files are clean.
    23 Jul 2015 17:13:11 [0c4c] - ArchiveScan: DISABLED
    23 Jul 2015 17:13:11 [0c4c] - Virus Database Date: 23 Jul 2015
    23 Jul 2015 17:13:11 [0c4c] - Virus Database Count: 5824228
    23 Jul 2015 17:13:11 [0c4c] - Sign Version: 7.61671 [520423]

    23 Jul 2015 17:16:57 [0c4c] - **********************************************************
    23 Jul 2015 17:16:57 [0c4c] - MWAV - eScanAV AntiVirus Toolkit.
    23 Jul 2015 17:16:57 [0c4c] - Copyright © MicroWorld Technologies
    23 Jul 2015 17:16:57 [0c4c] -
    23 Jul 2015 17:16:57 [0c4c] - Support: support@escanav.com
    23 Jul 2015 17:16:57 [0c4c] - Web: eScan Antivirus | Virus Protection
    23 Jul 2015 17:16:57 [0c4c] - **********************************************************
    23 Jul 2015 17:16:57 [0c4c] - Version 14.0.202[DB] (C:\USERS\NOUREDDINE\APPDATA\LOCAL\TEMP\MWAVSCAN.EXE)
    23 Jul 2015 17:16:57 [0c4c] - Log File: C:\Users\NoureddinE\AppData\Local\Temp\LOG\MWAV.LOG
    23 Jul 2015 17:16:57 [0c4c] - User Account: NoureddinE (Administrator Mode)
    23 Jul 2015 17:16:57 [0c4c] - Parent Process Name : c:\Windows\explorer.exe
    23 Jul 2015 17:16:57 [0c4c] - Windows Root Folder: C:\WINDOWS
    23 Jul 2015 17:16:57 [0c4c] - Windows Sys32 Folder: C:\WINDOWS\system32
    23 Jul 2015 17:16:57 [0c4c] - OS: Windows 8.1 64-Bit [OS Install Date: 14 Sep 2014 15:42:05]
    23 Jul 2015 17:16:57 [0c4c] - Ver: Personal Build 9200
    23 Jul 2015 17:16:57 [0c4c] - Latest Date of files inside MWAV: Thu Jul 23 18:05:32 2015.
    23 Jul 2015 17:16:57 [0c4c] - Priority: NORMAL

    23 Jul 2015 17:16:57 [0628] - Options Selected by User:
    23 Jul 2015 17:16:57 [0628] - Memory Check: Enabled
    23 Jul 2015 17:16:57 [0628] - Registry Check: Enabled
    23 Jul 2015 17:16:57 [0628] - StartUp Folder Check: Enabled
    23 Jul 2015 17:16:57 [0628] - System Folder Check: Enabled
    23 Jul 2015 17:16:57 [0628] - Services Check: Enabled
    23 Jul 2015 17:16:57 [0628] - Scan Archives: Disabled
    23 Jul 2015 17:16:57 [0628] - Drive Check: Enabled
    23 Jul 2015 17:16:57 [0628] - All Drive Check: Disabled
    23 Jul 2015 17:16:57 [0628] - Drive Selected = C:\
    23 Jul 2015 17:16:57 [0628] - Folder Check: Disabled
    23 Jul 2015 17:16:57 [0628] - SCAN: All_Files [ANSI]
    23 Jul 2015 17:16:57 [0628] - MWAV Mode(B): Scan and Clean files

    23 Jul 2015 17:16:57 [0628] - Scanning DNS Records...
    23 Jul 2015 17:16:57 [0628] - Scanning Master Boot Record (User)...
    23 Jul 2015 17:16:58 [0628] - Scanning Logical Boot Records...
    23 Jul 2015 17:17:01 [0628] - ***** Scanning For Hidden Rootkit Processes *****
    23 Jul 2015 17:17:01 [0628] - ***** Scanning For Hidden Rootkit Services *****

    23 Jul 2015 17:17:10 [0628] - ***** Scanning Memory Files *****

    23 Jul 2015 17:17:44 [0628] - ***** Scanning Registry Files *****
    23 Jul 2015 17:17:49 [0628] - Scanning File C:\WINDOWS\SysWOW64\spool\DRIVERS\x64\3\CNAP2LAK.EXE
    23 Jul 2015 17:17:49 [0628] - ERROR(2)!!! ScanFile Fails for C:\WINDOWS\SysWOW64\spool\DRIVERS\x64\3\CNAP2LAK.EXE...

    23 Jul 2015 17:17:50 [0628] - ***** Scanning StartUp Folders *****
    23 Jul 2015 17:18:01 [1b50] - ScanFile (C:\Users\NoureddinE\Desktop\mwav.exe) took 7187 ms

    23 Jul 2015 17:21:02 [0628] - ***** Scanning Service Files *****
    23 Jul 2015 17:21:03 [0628] - Scanning File C:\WINDOWS\System32\drivers\1394ohci.sys
    23 Jul 2015 17:21:03 [0628] - ERROR(2)!!! ScanFile Fails for C:\WINDOWS\System32\drivers\1394ohci.sys...

    23 Jul 2015 17:21:27 [0628] - ***** Scanning System32 Folders *****


    23 Jul 2015 17:25:50 [0628] - ***** Scanning Drive C:\ *****
    23 Jul 2015 17:27:22 [1024] - ScanFile (C:\Program Files\Microsoft Office\Office15\1033\EXPTOOWS.XLA) took 8578 ms
    23 Jul 2015 17:37:10 [1024] - Scanning File C:\System Volume Information\{73d2b39f-2ae2-11e5-bf42-30f9edc8dec3}{3808876b-c176-4e48-b7ae-04046e6cc752}
    23 Jul 2015 17:37:10 [1b14] - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
    23 Jul 2015 17:37:10 [1b50] - Scanning File C:\System Volume Information\{376077e7-30d4-11e5-bf46-30f9edc8dec3}{3808876b-c176-4e48-b7ae-04046e6cc752}
    23 Jul 2015 17:37:10 [16b8] - Scanning File C:\System Volume Information\{373ec79e-2379-11e5-bf3f-30f9edc8dec3}{3808876b-c176-4e48-b7ae-04046e6cc752}
    23 Jul 2015 17:42:27 [1b50] - ScanFile (C:\Users\NoureddinE\Mixed folders\pkeyuibx_v1.4.9z.zip) took 13765 ms
    23 Jul 2015 17:52:11 [1024] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\kit46897.inf_amd64_49eb3e161ad70bc4\igdfcl32.dll) took 7140 ms
    23 Jul 2015 17:55:12 [16b8] - ScanFile (C:\Windows\SysWOW64\Dism\DismHost.exe) took 8969 ms
    23 Jul 2015 17:55:54 [1024] - ScanFile (C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe) took 13453 ms
    23 Jul 2015 18:03:25 [1b50] - ScanFile (C:\Windows\WinSxS\amd64_netfx-microsoft.visualbasic_b03f5f7f11d50a3a_6.3.9600.17226_none_166264d0cd10bb08\Microsoft.VisualBasic.dll) took 5031 ms
    23 Jul 2015 18:11:55 [1b14] - ScanFile (C:\Windows\WinSxS\msil_microsoft-windows-workplacejoin_31bf3856ad364e35_6.3.9600.16384_none_6c98aaf16c52982b\AutoWorkplace.exe) took 12937 ms
    23 Jul 2015 18:12:11 [1024] - ScanFile (C:\Windows\WinSxS\msil_microsoft.visualbasic.compatibility.data_b03f5f7f11d50a3a_6.3.9600.17226_none_7a438307e0e1145f\Microsoft.VisualBasic.Compatibility.Data.dll) took 18688 ms
    23 Jul 2015 18:12:12 [16b8] - ScanFile (C:\Windows\WinSxS\msil_microsoft.visualbasic.compatibility_b03f5f7f11d50a3a_6.3.9600.17226_none_086bb6f5594a484d\Microsoft.VisualBasic.Compatibility.dll) took 19453 ms
    23 Jul 2015 18:12:55 [1b50] - ScanFile (C:\Windows\WinSxS\Temp\PendingDeletes\$$DeleteMe.imm32.dll.01d005acf602cc2c.00b1) took 17688 ms
    23 Jul 2015 18:12:55 [1024] - ScanFile (C:\Windows\WinSxS\Temp\PendingDeletes\$$DeleteMe.clbcatq.dll.01d005ad01646a27.00ca) took 31313 ms
    23 Jul 2015 18:12:55 [1024] - Scanning of C:\Windows\WinSxS\Temp\PendingDeletes\$$DeleteMe.clbcatq.dll.01d005ad01646a27.00ca Timed out!!!
    23 Jul 2015 18:12:56 [1b14] - ScanFile (C:\Windows\WinSxS\Temp\PendingDeletes\$$DeleteMe.difxapi.dll.01d005ad00f91e14.00c7) took 22609 ms
    23 Jul 2015 18:12:56 [1b14] - Scanning of C:\Windows\WinSxS\Temp\PendingDeletes\$$DeleteMe.difxapi.dll.01d005ad00f91e14.00c7 Timed out!!!
    23 Jul 2015 18:12:57 [16b8] - ScanFile (C:\Windows\WinSxS\Temp\PendingDeletes\$$DeleteMe.comdlg32.dll.01d005acf830b949.00b5) took 24406 ms
    23 Jul 2015 18:12:57 [16b8] - Scanning of C:\Windows\WinSxS\Temp\PendingDeletes\$$DeleteMe.comdlg32.dll.01d005acf830b949.00b5 Timed out!!!
    23 Jul 2015 18:14:43 [1024] - ScanFile (C:\Windows\WinSxS\wow64_microsoft-windows-a..roblemstepsrecorder_31bf3856ad364e35_6.3.9600.17415_none_d65136655317f7e5\psr.exe) took 6859 ms
    23 Jul 2015 18:14:44 [16b8] - ScanFile (C:\Windows\WinSxS\wow64_adobe-flash-for-windows_31bf3856ad364e35_6.3.9600.17933_none_26e7f25171bfbfb7\FlashPlayerApp.exe) took 14219 ms
    23 Jul 2015 18:14:45 [1b50] - ScanFile (C:\Windows\WinSxS\wow64_eventviewersettings_31bf3856ad364e35_6.3.9600.17415_none_f0577d400bd158f9\eventvwr.exe) took 12110 ms
    23 Jul 2015 18:14:58 [1024] - ScanFile (C:\Windows\WinSxS\wow64_microsoft-windows-com-complus-ui_31bf3856ad364e35_6.3.9600.17415_none_ac0768ee5056c655\dcomcnfg.exe) took 9000 ms
    23 Jul 2015 18:15:13 [1b50] - ScanFile (C:\Windows\WinSxS\wow64_microsoft-windows-gpowershell-exe_31bf3856ad364e35_6.3.9600.17401_none_33f7939fa9ced19f\powershell_ise.exe) took 8688 ms

    23 Jul 2015 18:19:56 [0628] - ***** Checking for specific ITW Viruses *****

    23 Jul 2015 18:19:56 [0628] - ***** Scanning complete. *****

    23 Jul 2015 18:19:56 [0628] - Total Objects Scanned: 223169
    23 Jul 2015 18:19:56 [0628] - Total Critical Objects: 0
    23 Jul 2015 18:19:56 [0628] - Total Disinfected Objects: 0
    23 Jul 2015 18:19:56 [0628] - Total Objects Renamed: 0
    23 Jul 2015 18:19:56 [0628] - Total Deleted Objects: 0
    23 Jul 2015 18:19:56 [0628] - Total Errors: 2
    23 Jul 2015 18:19:56 [0628] - Time Elapsed: 01:02:47
    23 Jul 2015 18:19:56 [0628] - Virus Database Date: 23 Jul 2015
    23 Jul 2015 18:19:56 [0628] - Virus Database Count: 5824228
    23 Jul 2015 18:19:56 [0628] - Sign Version: 7.61671 [520423]

    23 Jul 2015 18:19:56 [0628] - Scan Completed.

  10. #10


    Join Date : Mar 2008
    Morocco
    Posts : 522
    Windows 8.1 64bit (6,3 Build 9600)

    As for Adware Removal Tool, I can't download it, because it isn't there.
About Us
PC Help Forum is an independent website that provides free advice and technical support for members and guests. All trademarks mentioned are the property of their respective owners. PCHelpForum.com is not responsible for views, comments, content or external links posted by members.

© Designer Media Ltd